Re: [squid-users] Web content filtering/modification

From: Alex Rousskov <rousskov_at_measurement-factory.com>
Date: Thu, 09 Oct 2008 11:29:43 -0600

On Thu, 2008-10-09 at 08:53 -0700, Puze Yang wrote:

> Please bear with me as I am new to the proxy server filed and my question must be a basic one.
> For re-branding purpose, in a intranet environment, a HTTPS requests from Client browser is
> sent to the Proxy Server, and the Proxy Server in turn request a HTTPS page
> from an internal Web Server.
> Once the content retrieved from the Web Server, the Proxy Server needs
> to replace some particular texts, and then send the modified content to
> the Client.
>
> The question is, whether HTTPS traffic can be "changed" by using Squid
> or do you know any other software may do?

Squid can change HTTPS traffic if (a) end user allows it to do so and
(b) there is some software that does content adaptation on the decoded
traffic. For more information, including many caveats, please see

        http://wiki.squid-cache.org/Features/SslBump
        http://wiki.squid-cache.org/Features/DynamicSslCert
and
        http://wiki.squid-cache.org/SquidFaq/ContentAdaptation

If you are using Squid as a reverse proxy (a.k.a., accelerator or
surrogate -- clients are thinking that your Squid is the origin server),
then you do not need the SslBump component.

HTH,

Alex.
Received on Thu Oct 09 2008 - 17:29:58 MDT

This archive was generated by hypermail 2.2.0 : Fri Oct 10 2008 - 12:00:02 MDT