firefox(20.0.1) is ignoring my proxy server for google searches from website and the search box. It works for all other search engines and chrome/safari.
firefox(20.0.1) squid (port 3128) and dansguardian (port 8080) not running in transparent mode. I am applying blacklists and a custom url regex to apply "safe=vss", this works for all browsers and all search engines except firefox using google search engine. Search engines tested (bing, yahoo, norton, ask, amazon, avg, ebay) - all work. Links from the search results are blocked by content filter, but search results still appear and google images are still shown. This does not happen in Chrome(23.0.1271.97), IE9(9.0.8), Opera(12.14) or Safari(5.1.7) with the same settings. No log entry appears in Dansguardian access.log implying proxy settings are being ignored for just this combination.
All Replies (4)
I can't think of a reason that one particular webpage would behave differently from all the others, i.e., if you are starting at google.com and running a search using the form in the page, I'm not aware of any reason for Firefox to handle that specially just because it's Google.
Does it make a difference if you disable JavaScript when using Google? If that yields the results you expect, perhaps Google's XMLHttpRequest AJAX traffic is bypassing your filters?
The search bar has its own code, so someone would need to look at that to see whether/why it bypasses your proxy if the above hypothesis does not apply.
Hi jscher2k,
I think I've found the answer - with your prompting. I'd realized google was using SSL and modified my regex to match both, but did not realize Squid/Dansguardian will ignore SSL sites: (from Squid docs)
HTTPS was designed to give users an expectation of privacy and security. Decrypting HTTPS tunnels without user consent or knowledge may violate ethical norms and may be illegal in your jurisdiction. Squid decryption features described here and elsewhere are designed for deployment with user consent or, at the very least, in environments where decryption without consent is legal. These features also illustrate why users should be careful with trusting HTTPS connections and why the weakest link in the chain of HTTPS protections is rather fragile. Decrypting HTTPS tunnels constitutes a man-in-the-middle attack from the overall network security point of view. Attack tools are an equivalent of an atomic bomb in real world: Make sure you understand what you are doing and that your decision makers have enough information to make wise choices.
I will have a look at a regex rewrite to force http.
Thanks again...
You also can switch Firefox's search services from HTTPS to HTTP. For example, see this similar earlier thread: Unable to connect to proxy due to automatic https.
same probleme with safeserach of google (squid, squidguard) with new version of firefox . With Internet , it's work too with google. in url safe=active or strict is not present.