Re: invalid request

[Guy Harris <guy () alum mit edu>]

On Mar 13, 2012, at 11:42 PM, mustafa wrote:

> it might be the problem is sending ssl over http because i configure squid in the intercept mode, but squid know how 
> to deal with ssl,

Yes, it knows how to deal with SSL being sent directly to port 80 - it rejects it, as it should, just as a regular Web 
server will!

Either HTTP-over-SSL/TLS traffic should go to port 443:

        http://tools.ietf.org/html/rfc2818

or should start out as plain HTTP to, say, port 80, and upgrade to HTTP-over-SSL/TLS:

        http://tools.ietf.org/html/rfc2817

> i want to know what is the cause to block it , or find solution to it using squid

If the problem is that some browser or other client is sending SSL to port 80, the solution to it is to fix the browser 
or other client to stop doing so.

If the problem is that some device between the browser or client and the Squid proxy is sending SSL to port 80, the 
solution to it is to fix that device.

If the problem is that Squid is deciding to send SSL to port 80 in response to a properly-formed client request, the 
solution to it is to fix Squid.  How to do that is a question that should be asked on a mailing list for Squid, not for 
Wireshark; you're far more likely to find the people who know the answer to your question there (I don't know what the 
answer is, having never configured Squid in my life).
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe