Squid3-devel + squidGuard-squid3 - double https redirection
-
squid3-dev 3.3.10 pkg 2.2.1 + squidGuard-squid3 1.4_4 pkg v.1.9.5
Blocked pages at sites such https://www.google.com doesn't show the redirect page when the link is also https.
Example searching DansGuardian versus SquidGuard at Google:
https://www.google.es/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&ved=0CE4QFjAC&url=https://www.linuxquestions.org/questions/linux-security-4/dansguardian-squidguard-web-filter-squid-614865/&ei=WWYvU8C8GK-A7QbqtYGoBg&usg=AFQjCNEeZZd9J2VbGx3yduXd6fyDaoKmLw&sig2=h9otDnJpDh-tsAtiuKW7pQ&bvm=bv.62922401,d.ZGU
If I open the link in a new tab or window the redirect page is shown.
![Captura de 2014-03-24 00:09:56.png](/public/imported_attachments/1/Captura de 2014-03-24 00:09:56.png)
![Captura de 2014-03-24 00:09:56.png_thumb](/public/imported_attachments/1/Captura de 2014-03-24 00:09:56.png_thumb) -
Try to play with redirect link type (ext & co)
-
But http://squid-web-proxy-cache.1019090.n4.nabble.com/Squidguard-redirect-and-https-td4662707.html
The problem is not Squid nor HTTPS.
The problem is that the HTTP protocol has a standard that allows
redirection and the HTTPS protocol does not.
The HTTPS protocol was designed to be secure and does not allow
any type of interference. -
Try to play with redirect link type (ext & co)
My redirect page is external
Redirect mode Select redirect mode here. Note: if you use 'transparent proxy', then 'int' redirect mode will not accessible. Options:ext url err page , ext url redirect , ext url as 'move' , ext url as 'found'. Redirect info http://www.mydomain.tld/denied.php?a=%a&n=%n&i=%i&s=%s&t=%t&u=%u Enter external redirection URL, error message or size (bytes) here.
-
But http://squid-web-proxy-cache.1019090.n4.nabble.com/Squidguard-redirect-and-https-td4662707.html
The problem is not Squid nor HTTPS.
The problem is that the HTTP protocol has a standard that allows
redirection and the HTTPS protocol does not.
The HTTPS protocol was designed to be secure and does not allow
any type of interference.The link refers to squid2, without SSL interception possibility.
I'm using squid3-devel package with SSL interception (SSL Bump, man-in-the middle based). It's intercepting SSL without any troubles.
http://translate.google.com/translate?hl=en&sl=es&tl=en&u=http%3A%2F%2Fforum.pfsense.org%2Findex.php%3Ftopic%3D73007.msg402349%23msg402349
Google https pages with https links are also intercepted. But when I click the link the redirect page is not opened. However, opening the page in a new tab or window browser the redirect page appears.
Curious! It's FireFox 27.0.1 fault? I just tried with Chromium 32.0.1700.107 and I've got the redirect page!