On 22/09/2015 6:25 a.m., Yuri Voinov wrote: > > This is dig result: > > ;; ANSWER SECTION: > torproject.org. 3600 IN A 93.95.227.222 > torproject.org. 3600 IN A 154.35.132.70 > torproject.org. 3600 IN A 86.59.30.40 > torproject.org. 3600 IN A 82.195.75.101 > torproject.org. 3600 IN A 38.229.72.16 > > This IP is banned. Completely. Outgoing packets are dropped by ISP. > > So this is critical to forward ALL session, starting with first packet, > into Privoxy, and, then to Tor tunnel. > > Otherwise session can't be established. > > The problem enforces with HSTS onto torproject.org URL. Completely > HTTPS. From first GET request. > > This can be solved with Tor Browser itself, but I want to find common > solution. > > This is very simple. Complete HTTPS session must be forward to parent > proxy at whole. Because of only HTTP's forwarding possibility is > meaningless in HSTS-enabled world. HSTS is opt-out. Strip the *response* header on the first contact and it disappears. > > This is feature request, Amos. Otherwise Squid lacks some critical > functionality. > Feature request implies something that is not supported being added. CONNECT relay already is supported and works well for many others, just apparently not for you. ... why? Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
