>On 2015-12-31 00:01, Garri Djavadyan wrote: >> Hello Squid members and developers! >> >> First of all, I wish you a Happy New Year 2016! >> >> The current Host header forgery policy effectively prevents a cache >> poisoning. But also, I noticed, it deletes verified earlier cached >> object. Is it possible to implement more careful algorithm as an >> option? For example, if Squid will not delete earlier successfully >> verified and valid cached object and serve forged request from the >> cache if would be more effective and in same time secure behavior. > > >This seems to be describing ><http://bugs.squid-cache.org/show_bug.cgi?id=3940> > >So far we don't have a solution. Patches very welcome. > >Amos
Amos, can recheck the bug report? I found the root cause of the problem and presented possible prototype solution, which solves the problem in my environment. Thank you in advance! _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
