Search squid archive

Google nosslsearch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Google provides a mechanism to enforce "safe search" at organizations such as elementary schools by causing requests for www.google.com to be handled by nosslsearch.google.com using DNS trickery, and then HTTP requests for searches will be transmitted in plain text to enable request rewriting without requiring SSL man-in-the-middle. (See https://support.google.com/websearch/answer/186669?hl=en Option 3 near bottom of page)

However, there seem to be many sites using a squid-based proxy but unable to implement the suggested DNS hack. It would be handy to be able to direct squid to use nosslsearch.google.com’s IP address for requests to http://www.google.com/. Because the Google server responds with a 302 redirect to anything other than Host: www.google.com, I’ve tried rewriting the HTTP URL in ICAP REQMOD adaptation from http://www.google.com/ to http://nosslsearch.google.com/ and leaving the Host header set to www.google.com. However, Squid rewrites the Host header to nosslsearch.google.com in the request it sends to the origin server, even with the "url_rewrite_host_header off” setting in squid.conf, and the Google server responds with HTTP 302.

Alternatively, it seems one can trick squid by using the IP address for nosslsearch.google.com in the system’s /etc/hosts file, like:

216.239.32.20 www.google.com

but that seems fragile.

Are there any better approaches to achieve the desired result?

Thanks,
Guy

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux