I just read "RFC 2616 compliant proxy will rewrite the Host header making it impossible to do domain fronting over HTTP or where SSL/TLS interception is taking place", also checked RFC 2616 page at squid site, it is unclear to me that if squid can enforce host-header consistence with SNI to avoid domain fronting whenever needed? or this should be done by c-icap/redirector under peek+bump mode?
Gordon
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
