On 19/04/17 13:12, Dan Charlesworth wrote:
Hi everyone, This is a super weird one! This Pressreader site (http://sheppartonnews.pressreader.com/shepparton-news) gets a totally different (erroneous) response from the server when accessing it through squid on a particular school's network. It doesn’t happen through any other squid box on any other network I’ve tried, yet at this site you bypass squid through the same gateway and its fine; you use squid and it fails. The only errors I can see in the browser (that happen when it fails) are CORS errors on several of the requests. Comparing the headers it looks like the erroneous requests lack these from the response: Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: http://sheppartonnews.pressreader.com Access-Control-Expose-Headers: ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token No, the squid config we’re using never touches headers. Every HTTP/S request from the client is being allowed and is a 200/304 in both situations. (see attached for the full request response headers) Make any sense to anyone?
Squid does not touch these headers itself unless you configure it to. So something there is altering them. It may be external MITM stuff, or Squid coping with broken input.
Try adding "debug_options 11,2" to see what is actually arriving and leaving that proxy.
Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
