Can it be verified using some kind of dumps? The issues is that if I will try to access https://web.whatsapp.com/ it will probably won't work despite to the fact that I have or do not have a certificate.
>From my eyes it's not a certificate issue but rather a websocket one. The simplest way to see it would be using this firefox dump: curl "https://w1.web.whatsapp.com/ws"; -H "Host: w1.web.whatsapp.com" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" -H "Accept-Language: en-US,he;q=0.7,en;q=0.3" --compressed -H "Sec-WebSocket-Version: 13" -H "Origin: https://web.whatsapp.com"; -H "Sec-WebSocket-Extensions: permessage-deflate" -H "Sec-WebSocket-Key: 323TCNi3BxG0LJ+nTi2V1g==" -H "Connection: keep-alive, Upgrade" -H "Pragma: no-cache" -H "Cache-Control: no-cache" -H "Upgrade: websocket" I believe that we can somehow make sure how it will be secure "enough" to mangle the response headers and change any Connection into a "close" one and then splice the client and the server. It's not safe for many systems but when the sysadmins are using whatsapp to send internal messages it would be ridicules to restrict the network users for these apps. But in the other hand maybe the sysadmins are smart and the other users are not enough so I am not sure what would be the best option. For this case a configuration would be appropriate. Eliezer ---- <http://ngtech.co.il/lmgtfy/> Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il From: Chico Venancio [mailto:chicocvenan...@gmail.com] Sent: Thursday, September 8, 2016 11:05 PM To: Eliezer Croitoru Cc: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Web Whatsapp, Dropbox... problem We had that trouble with whatsapp web. We simply put it in the splice rule. It seems whatsapp checks the client certificate. Chico Venancio Em 08/09/2016 16:09, "Eliezer Croitoru" <elie...@ngtech.co.il <mailto:elie...@ngtech.co.il> > escreveu: Hey, Can I reproduce this by just entering the url in chrome\chromium\firefox\Internet Exploere\Edge\other? I am testing Squid 4 but it's moving slow compared to what I could in the past. I have a squid 4 up and running and I will try to see if I can reproduce it. Can you provide more details about the squid.conf? Eliezer ---- Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 <tel:%2B972-5-28704261> Email: elie...@ngtech.co.il <mailto:elie...@ngtech.co.il> -----Original Message----- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org <mailto:squid-users-boun...@lists.squid-cache.org> ] On Behalf Of erdosain9 Sent: Thursday, September 8, 2016 3:38 PM To: squid-users@lists.squid-cache.org <mailto:squid-users@lists.squid-cache.org> Subject: Re: [squid-users] Web Whatsapp, Dropbox... problem Finally i update to squid 3.5 and try the acl with dstdomain Craddock, Tommy wrote > Hello, > Create an ACL that will be a list of domains, either in the ACL or in > a txt file that the ACL refers to, and place any URLs you want > bypassed by the proxy into the ACL. Something like this: > ACL Section of your squid.conf: > acl bypass_dst_dom dstdomain "/etc/squid/bypass_dst_domain.txt" > Then in the http_access section: > http_access allow bypass_dst_dom But dosent work.... the web keep loading <http://squid-web-proxy-cache.1019090.n4.nabble.com/file/n4679426/Captura_de_pantalla_de_2016-09-08_09-40-14.png> -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Web-Whatsapp-Dropbox-problem-tp4679299p4679426.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org <mailto:squid-users@lists.squid-cache.org> http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org <mailto:squid-users@lists.squid-cache.org> http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
