Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Custom error pages not displayed for HTTPS

    Scheduled Pinned Locked Moved Cache/Proxy
    1 Posts 1 Posters 488 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Draven666
      last edited by

      Hi everybody,

      From the wiki.squid-cache.org website, there seems to be a known bug concerning custom error pages :

      Custom error pages not displayed for HTTPS

      HTTPS uses HTTP CONNECT messages to relay through a proxy. Due to browser behaviour handling these CONNECT messages (described in https://bugzilla.mozilla.org/show_bug.cgi?id=479880) any custom error page produced by the proxy is ignored and a generic browser page displayed instead.

      Usually this browser page mentions connection faulure or other such irrelevant details.

      In fact any response other than 200 OK is completely dropped by the browser and the same browser template page displayed. This can lead to some very weird authentication problems when using HTTPS through an authenticated proxy as well for authentication schemes where the 407 message body has relevance.

      And from one of the last comment on the mozilla board, it seems that there's no hope of it being resolve anytime soon…

      I realize that I'm way late to the party here, but I want to echo what Henrik and Alex said - this fix is terrible for proxy admins (myself included).  Our proxy returns a 403 forbidden for filtered SSL content and an error page about why the content is blocked, and Firefox just drops all of it on the floor.  :(

      So my question is, is there a workaround? From my test, Firefox and Chrome are both concerned by this "security fonctionality"

      Any help would be greatly appreciated.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.