Search squid archive

Re: Cant login to certain flash page via squid?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 20.06.2012 09:13, Terry Dobbs wrote:
When users are going through squid there are certain pages, like the one
I mentioned where you just can't click a specific button. It always
seems flash related. If I reconfigure this user to not use squid I can
use the page just fine. This leads me to believe its not solely a
browser issue.

When I say I told it to ignore I meant in the squid.conf file, where I
allowed access to that specific domain without any kind of
authentication. Thinking about it, I understand this step is pretty
pointless as squid still processes the site. However I have had success in the past by allowing access to sites before the proxy_auth required
command.

Not really sure what the issue is, but it seems to happen with just a
handful of random sites.


Flash player is separate software not permitted access to the browsers internal password manager information. * Flash player does not provide any means for users to enter passwords unless the HTTP request is a GET. * Flash script frameworks do not provide easily available support unless the HTTP request is a POST. * recent Flash versions prevent HTTP authentication unless the visited *website* provides explicit file-based (ONLY file based) CORS support for the relevant headers. NP: as documented this would prohibit Proxy-Authentication.


Website authentication only works if the author who wrote the script knows how to write a) the user I/O interface and b) the relevant encryption algorithms (rare for anything better than Basic auth), and c) adds explicit CORS support to their site. AND decided it was worth the trouble.


As a result HTTP authentication of any type rarely works in Flash applications. Proxy authentication has never been reported working, not to say it can't, just that in my experience nobody has ever mentioned seeing it happen despite common complaints here and in many other places online.


Personally I rate Flash as a worse problem than Java in this regard. At least Java provides libraries and API making it easy for developers who know where to look (most seem not to use it, but that is a knowledge/time issue not a technical barrier).

Amos



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux