On Wed, 22 Sep 2004, Martyn Bright wrote:
> Interestingly, I have been tasked with evaluating a number of different
> proxies on both Windows and Linux. To date, the only one that has exhibited
> this https/auth/domain name stripping problem has been Squid. Does that
> mean that the others are effectively all using non persistent connections,
> or is Squid missing a trick somewhere?
Could be either.
What I know for certain is that this problem is a browser bug, not a Squid
bug. And a quite serious one as it risks revealing personal details in
plain text which was supposed to be SSL encrypted (credit card into etc,
depending on what that https request contains).
But it is entirely possible the other proxies you tried all have
workarounds for this browser bug, or that they did not use persistent
connections, or otherwise manage to avoid triggering the browser bug.
Regards
Henrik
Received on Wed Sep 22 2004 - 07:53:24 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT