Re: [squid-users] header_access & cookies from Henrik Nordstrom on 2007-09-19 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Wed, 19 Sep 2007 09:22:55 +0200

On tis, 2007-09-18 at 21:47 -0400, vollkommen@gmx.net wrote:

> I find "header_access All deny all" appears to be responsible for the cookie blocking.

Yes, unless you allow cookies first.

> I'd like to find out what additional header_access I need to allow to let these cookies through.

Set-Cookie
Set-Cookie2
Cookie
Cookie2

But I would recommend you to consider why you are at all using
header_access if you want to allow cookies.. Most people uses
header_access to give anonymity to their users, and most sites uses
cookies to track the identity of users..

This use of header_access (denying most except cookies) just dangers
messing up the HTTP protocol, without giving any noticeable anonymity to
your users.

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Wed Sep 19 2007 - 01:23:02 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT