On 12/2/19 5:22 PM, --Ahmad-- wrote: > You Said > “” > Yes, you can. Squid logs CONNECT headers and also HTTP headers of > incoming and outgoing decrypted HTTPS requests. Squid does not see (and > cannot log) HTTP headers of encrypted traffic inside CONNECT tunnels > that are not bumped using the SslBump feature, of course. > “” > Can you tell me example of headers of “Connect headers” and headers > inside “ connect Tunnel “ ? CONNECT requests are described, with examples, at https://tools.ietf.org/html/rfc7231#section-4.3.6 Any HTTP message (both headers and body) can be sent inside a CONNECT tunnel. Please note that when Squid is configured to intercept HTTPS/TLS connections, it treats the intercepted TCP connection as if that intercepted traffic was inside a CONNECT tunnel. Squid even fakes the CONNECT request in that case as if the TLS client sent a CONNECT request before securing the connection. Alex. >> On Dec 2, 2019, at 10:31 PM, Alex Rousskov wrote: >> >> Yes, you can. Squid logs CONNECT headers and also HTTP headers of >> incoming and outgoing decrypted HTTPS requests. Squid does not see (and >> cannot log) HTTP headers of encrypted traffic inside CONNECT tunnels >> that are not bumped using the SslBump feature, of course. > _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
