On 3/05/20 12:58 am, Akshay Hegde wrote: > Dear Amos, > > Can you please elaborate, I didnt understand. If possible can you > explain with one example ? I mean behaviour of security and privacy > flaws when > strip_query_terms is on and when strip_query_terms is off. > That directive only affects the URLs visible in your logs etc. on the proxy machine. It's main purpose is to prevent security/privacy information leaks when site store sensitive info in the query-string of the URL. The benefit is that your service is not a vector for those leaks. On the other hand, it also prevents you being able to troubleshoot a lot of types of issue with any site using query strings. Both allowing a range of security attacks to hide themselves, and preventing you being aware when sensitive info is wrongly placed in the URL. It is up to you to decide which type of security/privacy issue is the most important to prevent. I bring this up because there have recently been several high-profile services caught for major credential leaks - noticed only because some people paid attention to their query-string's. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
