Merge branch 'feature/KASM-2637-web-filter-blocks-access-to-https-sites-not-on-443' into 'develop'

KASM-2637 Removed rules blocking non 443 CONNECT command

Closes KASM-2637

See merge request kasm-technologies/internal/workspaces-core-images!61
This commit is contained in:
Justin Travis 2022-05-16 19:27:17 +00:00
commit 156ada9b1f

View File

@ -16,7 +16,6 @@ ssl_bump splice ssl_bypass_domains
ssl_bump splice ssl_bypass_ips
ssl_bump bump all
acl SSL_ports port 443
acl CONNECT method CONNECT
# The following two lines are an example of how we can leaverage squid to block ports, there can be as
@ -24,7 +23,10 @@ acl CONNECT method CONNECT
#acl Safe_ports port 443 # https
#http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# Users need to connect to non 443 ports for https traffic. We comment out the standard deny here.
#acl SSL_ports port 443
#http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost