Custom error pages not displayed for HTTPS



  • Hi everybody,

    From the wiki.squid-cache.org website, there seems to be a known bug concerning custom error pages :

    Custom error pages not displayed for HTTPS

    HTTPS uses HTTP CONNECT messages to relay through a proxy. Due to browser behaviour handling these CONNECT messages (described in https://bugzilla.mozilla.org/show_bug.cgi?id=479880) any custom error page produced by the proxy is ignored and a generic browser page displayed instead.

    Usually this browser page mentions connection faulure or other such irrelevant details.

    In fact any response other than 200 OK is completely dropped by the browser and the same browser template page displayed. This can lead to some very weird authentication problems when using HTTPS through an authenticated proxy as well for authentication schemes where the 407 message body has relevance.

    And from one of the last comment on the mozilla board, it seems that there's no hope of it being resolve anytime soon…

    I realize that I'm way late to the party here, but I want to echo what Henrik and Alex said - this fix is terrible for proxy admins (myself included).  Our proxy returns a 403 forbidden for filtered SSL content and an error page about why the content is blocked, and Firefox just drops all of it on the floor.  :(

    So my question is, is there a workaround? From my test, Firefox and Chrome are both concerned by this "security fonctionality"

    Any help would be greatly appreciated.


Log in to reply