On 13/06/2015 2:08 a.m., Julianne Bielski wrote: > I have a general question about the use of the http Host request header by > reverse proxies. > > As I understand it, the Host request header is used by transparent forward > proxies as a way to route a request to the correct > origin server since, unlike with an explicit proxy, the host is not > included in the URI portion of the http method line. > > However, reverse proxies are always "transparent" from the perspective of > the client and the Host header is often used by the proxy > to map to the correct back end origin server. The term "transparent" has been overloaded so much its meaningless by itself. Beyond what you are asking and Anthony already answered well. There is the key difference of DNS involvement between reverse and interception proxy. A DNS lookup is used by the client to find and explicitly contact the reverse proxy. The proxy is able to use that as a guarantee that if the Host header does not contain a name its pre-configured for handling, that it can/must reject the request entirely. The same guarnatee for reverse proxies allows it make free use of all the origin server features of HTTP without causing security problems to the client/user. Thus the long list of problems at <http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Concepts_of_Interception_Caching> does not apply to reverse proxies. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users