Re: [squid-users] No protocol or hostname part of url problem

From: Chris Robertson <crobertson@dont-contact.us>
Date: Tue, 28 Mar 2006 11:48:13 -0900

William K. Hardeman wrote:

> I'm hoping someone can help me figure out a resolution to a problem we
> are having. Preferably a Squid-based solution, although I'll take
> anything that gets this working. :-)
>
> We have 2 users who use a PDA-based application to perform safety
> audits on-site. When they return to their office, they connect the PDA
> to their computer, log in to the application provider's web-site with
> their browser, then, using the PDA, upload the results of the audit to
> the provider.
>
> We just deployed a Squid proxy out there this past weekend, and they
> cannot now upload to the provider. In investigating the problem, I
> have discovered that the PDA application does not properly form the
> POST urls. What the PDA sends as the POST url is on the order of
> '/url/form.asp' instead of 'http://host.dom.ain/url/form.asp'.
>
> In examining the flow of events on the wire, it looks like the reason
> it works without Squid is that the HTTP packet has the host: header
> properly set. It looks like Squid doesn't examine that header if there
> is no hostname in the url.
>
> Here's a tcpdump of one of the problem packets, with relevant parts
> commented to protect the innocent:
>
> POST /comm/login.asp HTTP/1.1
> Content-Type: application/x-www-form-urlencoded; charset=unicode
> Accept-Charset: unicode
> User-Agent: CeHttp
> Host: xxxxxxx.xxxxxxxxx.com
> Content-Length: 34
> Connection: Keep-Alive
> Cache-Control: no-cache
>
> sqsuser=xxxxxxx&sqspass=xxxxxxx
>
> I know the most proper answer to solving this is to see if the
> application provider has a fix for their broken application, but in
> the meantime, I have these users constantly bothering me about not
> being able to send their data. Anyone have any suggestions that could
> make Squid process these urls?
>
> Thanks,
> Will

I can see two possible ways to get Squid to handle this (since is it out
of RFC spec for client-proxy communication):

1) Set Squid up as an accelerator for this domain, and use the
httpd_accel_uses_host_header directive.
2) Use redirectors on these requests (assuming Squid will pass a
non-valid request to a redirector). You can use the redirector_access
with a req_header ACL to limit which requests are passed to the redirector.

I am not sure that either method will actually work, but it would
certainly be fun to try. For what it's worth, Squid is currently an
HTTP/1.0 proxy. It's likely that fact is going to cause further grief
with this broken client.

Chris
Received on Tue Mar 28 2006 - 13:48:21 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST