Search squid archive

Re: Host header forgery policy in service provider environment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2015-12-31 13:31, Amos Jeffries wrote:
On 2015-12-31 00:01, Garri Djavadyan wrote:
Hello Squid members and developers!

First of all, I wish you a Happy New Year 2016!

The current Host header forgery policy effectively prevents a cache
poisoning. But also, I noticed, it deletes verified earlier cached
object. Is it possible to implement more careful algorithm as an
option? For example, if Squid will not delete earlier successfully
verified and valid cached object and serve forged request from the
cache if would be more effective and in same time secure behavior.


This seems to be describing <http://bugs.squid-cache.org/show_bug.cgi?id=3940>

So far we don't have a solution. Patches very welcome.

Amos

Amos, thank you very much, bug <http://bugs.squid-cache.org/show_bug.cgi?id=3940> exactly the same problem I encountered! I've tested the proposed patch and updated the bug report.

Kind Regards,
Garri
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux