[squid-users] Host header forgery

From: Warren Baker <warren_at_decoy.co.za>
Date: Mon, 27 Feb 2012 12:27:29 +0200

HI all,

Just a question with regards to 3.2.0.X and 'Host header forgery'
detection. If there are multiple name servers specified on the client
and squid and for whatever reason (timeout,network problem etc.) the
client uses a different name server to resolve a site (eg facebook) to
what Squid uses - then this problem seems to pop up. So since there is
no guarantee on what name server the client uses I guess the only
alternative is to enforce WPAD or browser settings.

Thanks

-- 
.warren
Received on Mon Feb 27 2012 - 10:27:39 MST

This archive was generated by hypermail 2.2.0 : Mon Feb 27 2012 - 12:00:04 MST