On 08/02/11 05:16, Luis Enrique Sanchez Arce wrote:
I have configure external acl in squid. If the external acl return ERR and the request is HTTPS the proxy return connection refuse. What is the possible problem ?. If the request is HTTP squid show a page with access denied.
Problem is malicious people attacking web browsers in ways that made them decide never to show the user the body of any response to CONNECT.
There is no way you can make the error page show up when the browser decides not to show it.
NP: If you want to use a special custom URL in deny_info the newly released squid-3.1.11 includes support for HTTP/1.1 307 redirects to an error page, some browsers (Firefox and Iceweasel so far) support that response to CONNECT.
Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.10 Beta testers wanted for 3.2.0.4
