Search squid archive

ICAP and 403 Encapsulated answers (SSL denied domains)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello all,

I'm playing with Squid4 and e2guardian as ICAP server.

I'm seeing something I misunderstand, when a SSL website is blocked e2guardian returns a encapsulated "HTTP/1.1 403 Forbidden" header this part seems good to me with an encrypted website a denied or redirection page can't be added

But unfortunately Squid adds a "Connection: keep-alive" header and if I just reload the page I'm waiting a timeout a long moment, (and there is no ICAP request between squid and e2) it's like the previous connection still opened.

So the first request is well denied, but the second is without answer

I tried to add "Connection: close" in encapsulated header from e2guardian without more success, but anyway "Connection: close" value is removed by squid

I'm doing something wrong ? This wastes connections and from user point of view the proxy is (very) slow, for example with ADS filtering some websites freezes

FI the request is well denied in squid and E2 logs

Maybe this is a bug, but I don't known if the issue is from Squid or E2 ? What is the correct response from an ICAP server with a denied SSL website request ?

Thank you

Fred



_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux