Search squid archive
Re: Identifying POSTs over https
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
On 19/05/2012 3:19 a.m., Harry wrote:
Hello, For a site like drive.google.com that allows you to upload files over HTTPS, I would like to be able to place an upper limit on the size of the files that can be uploaded. Using the HttpFox addon for Firefox, I can see that a whole bunch of GETs and POSTs get sent by the browser over HTTPS during the file upload process, with the actual file being sent by one of those POSTs. The problem is, my ACL based on method POST -- "acl post method POST" -- fails to match any of these POSTs! I can control POST-based file uploads over *HTTP* just fine by using an external ACL that checks for the size with the help of a external shell script. I'd like to be able to do the same for POSTs over HTTPS also. (I'm using Squid 2.6. ) Could someone please suggest a way?
Decrypt the SSL layer. That is the *only* way to know what is happening inside the encryption.
Firefox can see what is inside the encryption becasue it is the software adding the encryption around those things. SSL is designed specifically to prevent other software from seeing them.
A better policy is to limit total bandwidth per client. If they choose to upload/download large files they can suffer the consequences of the bandwidth wastage. Other clients who choose small files can do many page viewings without any problems. This also avoids the difficult problems of identifying which requests are files, and which requests are streams, etc, etc.
[Linux Audio Users] [Photo] [Yosemite News] [Samba] [Video Projectors] [Video Devices] [Big List of Linux Books] [LCD TVs] [Webcams] [Linux USB]