On 06/27/2016 10:23 AM, Ozgur Batur wrote: > ICAP handles plain HTTP very well but it is not possible to > filter/change or even log content of websocket communication after > websocket upgrade over HTTP as far as I know. Is there any plan or > interest in developing some capability for Squid to control websocket > communication content? There is interest but no specific plan or sponsor. > There is no defined request/response protocol since websocket is > basically a socket but regexp matching in incoming and outgoing > content(json, xml,raw) with URL and client metadata info may have some > application like data leak prevention or achieving in corporate environment. I am not sure regex would be a good idea in general, but passing tunneled traffic to eCAP/ICAP services is indeed useful in several environments, including WebSocket tunnels. The adaptation service will decide whether to use regex or something else to match raw data. Some existing services simply log (or relay/replay via TCP) received traffic without analyzing it so regex is just one of many possibilities here. FWIW, several things are needed to move forward, including: 1. Adequate development time and skills (or sponsorship to pay for them). The development of an essentially new adaptation vectoring point is not a trivial project. 2. A specific proposal on how to map raw/tunnel data to HTTP messages that eCAP and ICAP interfaces expect. The biggest difficulty here may be mapping server-speaks-first protocols. 3. A project lead to organize/manage the project and guide the results through the Squid Project review. This person could be the primary developer and/or the specs writer, but does not have to be. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
