On 6/01/2016 10:10 p.m., Garri Djavadyan wrote: >> On 2015-12-31 00:01, Garri Djavadyan wrote: >>> Hello Squid members and developers! >>> >>> First of all, I wish you a Happy New Year 2016! >>> >>> The current Host header forgery policy effectively prevents a cache >>> poisoning. But also, I noticed, it deletes verified earlier cached >>> object. Is it possible to implement more careful algorithm as an >>> option? For example, if Squid will not delete earlier successfully >>> verified and valid cached object and serve forged request from the >>> cache if would be more effective and in same time secure behavior. >> >> >> This seems to be describing >> <http://bugs.squid-cache.org/show_bug.cgi?id=3940> >> >> So far we don't have a solution. Patches very welcome. >> >> Amos > > Amos, can recheck the bug report? I found the root cause of the problem > and presented possible prototype solution, which solves the problem in > my environment. Thank you in advance! Got the bug update notice. The double-check may take a while to track down all the side effects. Thank you very much in advance anyhow. :-) Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
