Tsantilas Christos wrote:
> Jeremy Hall wrote:
>> If you chain proxies, does it help?
>
> Yep, thank you Jeremy, I know where forwarding
> Proxy-Authenticate/Proxy-Authorization headers needed. The problem is
> that currently squid3-trunk does not forwards these headers. My question
> is about the best way to implement forwarding these headers:
> a) Just forward them like squid2.6/squid3.0 does, or
> b) implement a configuration parameter to enable forwarding these headers
>
> Regards,
> Christos
>
Best consider the cases where such forwarding is needed.
I only know of the peer'ing case where login=PASS is configured.
That case could easily be dealt with by having the client_side ->
server_side clone drop the hop-by-hop headers and the following add of
headers, do a special clone only if login=PASS is configured for that
outbound peer.
I think in general such forwarding (against standards) could be slid in
as not forwarding per-se, but as next-hop value just happening to be the
same as the inbound one (which is standards compliant).
>
>>
>>>>> Tsantilas Christos <chtsanti@users.sourceforge.net> 5/2/2008 12:51
>>>>> PM >>>
>> Hi all,
>>
>> According to the rfc standard the Proxy-Authenticate and
>> Proxy-Authorization are hop-by-hop headers but in practice there are
>> cases where these headers should forwarded.
>> Currently squid2.6 and squid3.0 forward these headers, but
>> squid3-trunk does not.
>>
>> Does make sense to have a configuration parameter to allow/deny
>> forwarding of these headers?
>>
>>
>>
>
Amos
-- Please use Squid 2.6.STABLE20 or 3.0.STABLE5Received on Sat May 03 2008 - 03:26:53 MDT
This archive was generated by hypermail 2.2.0 : Tue May 13 2008 - 12:00:04 MDT