Thanks for your responses.
What security problem does rewriting the host value prevent? I'm not sure
what domain hijacking is. At work I currently use ISA Server 2004 and when
it recieves:
GET http://66.102.9.147/
HOST www.google.co.uk
it connects to 66.102.9.147 and sends:
GET /
HOST www.google.co.uk
Is this a security risk? The RFCs state that a web server MUST use
http://66.102.9.147/ and ignore www.google.co.uk but as far as I can see a
proxy is not required to ignore www.google.co.uk.
Regards,
Julian
----- Original Message -----
From: "Amos Jeffries" <squid3@xxxxxxxxxxxxx>
To: "Julian Gilbert" <julian@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Cc: <squid-users@xxxxxxxxxxxxxxx>
Sent: Friday, July 04, 2008 12:47 AM
Subject: Re: Squid and HTTP Host value
Julian Gilbert wrote:
I am trying to configure squid 2.5 and looking for some assistance.
The first assistance we can give is upgrade to 3.0 or 2.7.
2.5 is well and truly obsolete now.
When I make client request to squid in the form:
GET http://66.102.9.147/
HOST www.google.co.uk
the squid proxy makes the following request to the web server:
GET /
HOST 66.102.9.147
How do I configure squid not to overwire the host value? The request from
squid should be sent as:
GET /
HOST www.google.co.uk
The client asked for http://66.102.9.147/, nothing to do with google as
far as HTTP is concerned. It's a security feature to prevent domain
hijacking.
Amos
--
Please use Squid 2.7.STABLE3 or 3.0.STABLE7
