On 25/03/2016 1:24 a.m., Luis Daniel Lucio Quiroz wrote: > I understand, buggy I really need to take out this sniproxy in favor of > squid. > > I'm planning that this path needs the HTTP violation flag on compile time, > and by default value is off. So when turning on, it won't be an accident. > Host_verify_header would be a good name for this on/off option What you plan is not appropriate for general use. So a config option is not right. Like I said there is already malware out there capable of taking advantage of vulnerable proxy. Finding one gives the attacker ability to poison the proxy cache for a popular URL and turn every network device behind those proxy into zombies for a botnet. They can do that without leaving any sign in your logs. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
