Re: [squid-users] HTTPS Reverse proxy with HTML contents rewrite

From: Merton Campbell Crockett <mcc@dont-contact.us>
Date: Fri, 7 Nov 2003 08:28:54 -0800 (PST)

On Fri, 7 Nov 2003, Henrik Nordstrom wrote:

> On Fri, 7 Nov 2003, Souchon Yann wrote:
>
> > Apache with mod_proxy can make this very simply.
>
> So can Squid-2.5 and later.
>
> > But I have a problem, that Apache can't help me.
> >
> > The links on the HTML pages (WEB SERVER) are not relatives, but full.
>
> Ouch.. for this (without touching the application or web server) you need
> a content rewriting proxy. Squid is not such.
>

Apache using mod_rewrite would be the answer. The <VirtualHost ...:80>
would need to have a redirect to 443. The problem will be the annoying
notices about leaving or entering a protected site.

A possibility is to rewrite the original request to go to a second, internal
virtual host on your DMZ system. This host uses PHP to retrieve the content
from the internal system and replaces all occurrances of http: to https: and
returns the content to the original virtual host that returns it to the
external client.

Merton Campbell Crockett

-- 
BEGIN:				vcard
VERSION:			3.0
FN:				Merton Campbell Crockett
ORG:				General Dynamics Advanced Information Systems;
				Intelligence and Exploitation Systems
N:				Crockett;Merton;Campbell
EMAIL;TYPE=internet:		mcc@CATO.GD-AIS.COM
TEL;TYPE=work,voice,msg,pref:	+1(805)497-5045
TEL;TYPE=fax,work:		+1(805)497-5050
TEL;TYPE=cell,voice,msg:	+1(805)377-6762
END:				vcard
Received on Fri Nov 07 2003 - 09:31:33 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:11 MST