Re: [squid-users] Host header forgery

From: Warren Baker <warren_at_decoy.co.za>
Date: Mon, 27 Feb 2012 14:08:38 +0200

On Mon, Feb 27, 2012 at 12:58 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
>
> It is best to consider interception an action of last resort, for this any
> many other reasons.

yeah of course.

>
> 3.2.0.15+ will do a soft-fail type behaviour, which allows the request
> through but does not allow caching of the response and only relays the
> original destination IP. Which hides the problems from client visibility, at
> cost of some cache HITs.

ok interesting - I assume this will be some config option?

Thanks Amos.

-- 
.warren
Received on Mon Feb 27 2012 - 12:08:45 MST

This archive was generated by hypermail 2.2.0 : Tue Feb 28 2012 - 12:00:10 MST