Encrypted browser-Squid connection

Post enhancement requests here.

Encrypted browser-Squid connection

Postby sbskas » Tue Apr 26, 2016 4:42 pm

In firefox and chrome, there is support for SSL connection to the proxy.
This feature permits to encrypt all trafics between the client and the proxy server.
http://wiki.squid-cache.org/Features/HTTPS describe with more details the whole concept.
This configuration is not available through normal parameter, it has to be activated using a .pac file.
If the getproxyforurl returns a string in the form "HTTPS myproxy:8080" then the communication between browser and squid server will use an https connection.

It has been successfully implemented and tested on mozilla firefox and google chrome browser on linux, mac and windows platforms.

This feature is especially useful when one does not want to expose services to the internet but still want some chosen person to be able to use the service through an authenticated proxy server.

By looking at the source of foxyproxy, the pac response is parsed but there is no support for HTTPS response.
Support for this feature should be quite simple.
sbskas
 
Posts: 6
Joined: Mon Apr 25, 2016 10:32 am

Re: Encrypted browser-Squid connection

Postby admin » Tue Apr 26, 2016 4:50 pm

Thanks, we are aware of the missing feature. We will add it shortly.
ref: viewtopic.php?f=3&t=1819&p=4184
admin
Site Admin
 
Posts: 68
Joined: Tue Nov 30, 2010 9:02 pm

Re: Encrypted browser-Squid connection

Postby admin » Sun May 01, 2016 6:43 pm

I did some research on this. There is no support for this in the Firefox GUI yet.
https://bugzilla.mozilla.org/show_bug.cgi?id=378637
But you can do it with FoxyProxy this way:
Select "Automatic Proxy Configuration" in the Proxy Details tab (This is another name for a PAC file)
Create a file on your computer that looks like this:
Code: Select all
FindProxyForURL(){return HTTPS host:port;}

where host:port are the servername and port number of your HTTPS proxy
In the FoxyProxy extension, click the "..." and select the file you just created.

That's it. The end of https://bugzilla.mozilla.org/show_bug.cgi?id=378637 explains how to do this with Firefox natively.

please let me know if this works for you!

thanks you.
admin
Site Admin
 
Posts: 68
Joined: Tue Nov 30, 2010 9:02 pm

Re: Encrypted browser-Squid connection

Postby sbskas » Sun May 01, 2016 11:51 pm

It seems to work ok on foxyproxy_chrome.
It breaks with foxyproxy_firefox.
By looking at the code, it seems foxyproxy_firefox tries to parse the output of the pac file and forget the "HTTPS" case.
I've seen two place in the code where the pac file is parsed:
http://code.getfoxyproxy.org/Foxyproxy_ ... xy.js#n738
http://code.getfoxyproxy.org/Foxyproxy_ ... xy.js#n656

Maybe there are other places to correct.
sbskas
 
Posts: 6
Joined: Mon Apr 25, 2016 10:32 am

Re: Encrypted browser-Squid connection

Postby admin » Mon May 02, 2016 5:38 pm

Thank you. One of us will fix it.
admin
Site Admin
 
Posts: 68
Joined: Tue Nov 30, 2010 9:02 pm

Re: Encrypted browser-Squid connection

Postby admin » Tue May 03, 2016 7:10 pm

There is an error in the code I posted. It should be this:

Code: Select all
FindProxyForURL(){return "HTTPS host:port";}


Note the quotation marks. Can you please try again in FoxyProxy for Firefox?
admin
Site Admin
 
Posts: 68
Joined: Tue Nov 30, 2010 9:02 pm

Re: Encrypted browser-Squid connection

Postby sbskas » Wed May 18, 2016 7:23 pm

I did correct the string at the first try.
Problem is stil present with your new pac file.
sbskas
 
Posts: 6
Joined: Mon Apr 25, 2016 10:32 am

Re: Encrypted browser-Squid connection

Postby admin » Wed May 18, 2016 7:28 pm

Yes, you were right that we need some code changes in the way FoxyProxy parses the PAC file. We will fix it.
admin
Site Admin
 
Posts: 68
Joined: Tue Nov 30, 2010 9:02 pm

Re: Encrypted browser-Squid connection

Postby admin » Wed May 18, 2016 9:15 pm

BY the way, we offer HTTPS proxy connections on all of our paid proxy servers now (https://getfoxyproxy.org/proxyservice)
admin
Site Admin
 
Posts: 68
Joined: Tue Nov 30, 2010 9:02 pm

Re: Encrypted browser-Squid connection

Postby admin » Sat Jan 21, 2017 5:05 pm

Hello,

This is now supported natively by the FoxyProxy for Firefox addon. Version 4.6.1 for FoxyProxy Standard and 3.6.1 for FoxyProxy Basic. Just check the "SSL proxy?" checkbox on the Proxy Details tab. Make sure you change the port. We use port 4443 for this but your proxy servers may use something else.

Screenshot:


Image
admin
Site Admin
 
Posts: 68
Joined: Tue Nov 30, 2010 9:02 pm


Return to Feature Requests / Enhancements

cron