Re: [squid-users] Can't stay logged in

From: Alex Rousskov <rousskov_at_measurement-factory.com>
Date: Fri, 07 Jun 2013 09:51:19 -0600

On 06/07/2013 10:14 AM, CACook_at_quantum-sci.com wrote:
> On Thursday, June 06, 2013 09:38:41 PM Amos Jeffries wrote:
>> On 6/06/2013 5:06 a.m., CACook_at_quantum-sci.com wrote:
>>> On Friday, May 31, 2013 07:51:08 AM CACook_at_quantum-sci.com wrote:
>>>> On Wednesday, May 29, 2013 04:20:21 PM CACook_at_quantum-sci.com wrote:
>>>>> Does anyone know why I can't stay logged in to this site, with headers paranoid?
>>>>> http://www.cctvforum.com/
>>>>>
>>>>> squid.conf:
>>>>> http://pastebin.ca/2384770
>>>>>
>>>>> Here's what happens when I give my username and password on the site and try to log in:
>>>>> http://pastebin.ca/2385890
>>>> No one knows?
>>> Is there anyplace documented where I could learn which header items could be causing the problem?
>>
>> They key ones are all in here: http://www.ietf.org/rfc/rfc2616.txt
>> notice the rules pertaining to proxies and gateways - which headers are
>> mandatory for relay, insert or update.
>>
>> Amos
>
> I guess I give up. I have no errors in the logs when the failure occurs, so I just can't divine the problem.

You need to analyze incoming and outgoing request headers for the
transaction(s) that fail. Squid can log them for you. After that, use
trial-and-error approach to allow the headers that are critical to that
specific site. Repeat for each site that fails to function when you
filter headers.

This pain is a side-effect of you telling Squid to violate HTTP by not
forwarding the headers it must forward. Only you can tell whether that
pain is worth the gain in privacy (or whatever it is that you are trying
to accomplish by stripping headers), of course.

HTH,

Alex.
Received on Fri Jun 07 2013 - 15:51:33 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 07 2013 - 12:00:06 MDT