Hi Mark,
On Mon, May 03, 2010 at 01:03:06PM -0700, Mark Hobley wrote:
> Doesn't the browser connect unencrypted to the proxy, and the proxy make a
> proxy to remote encrypted connection? Anyhow, this is working (and so is the
> filtering, apart from the wrong error message is causing a wait for infinity
> in some instances.
I'm proxying upstream's view on this.
08:12 < muks> jordi: i think i follow his bug report only now.. he is filtering
by domain, not url and asking why he's getting differing results
for HTTP and HTTPS requests
08:13 < muks> i think tinyproxy can't do any better than deny the request
without any errors, because when the browser wants to connect
using 'https://', it tries to start an SSL negotiation
08:14 < muks> tinyproxy doesn't do any SSL.. it doesn't link to openssl, etc.
adding all this just for error pages would make it ave a bulky
footprint
08:14 < muks> so the result is,
08:14 < muks> when tinyproxy gets an error, it still sends the error page back
08:14 < muks> (including blocked filtering attempts)
08:15 < muks> but the browser is expecting an SSL negotiation instead of a
plain HTTP respose
08:15 < muks> response
08:15 < muks> so it throws up the error that the remote proxy is denying
connections
08:20 < muks> (further to that, if tinyproxy _were_ to implement SSL error
pages, it's not just code work.. an admin would have to configure
it with SSL certificates, etc.)
08:20 < muks> it's too much of mish-mosh for very little gain
--
Jordi Mallach <jo...@debian.org>
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
