Safari ignores Squid blocking rules for https sites
Hi,
i'm using a squid proxy server within my network. I'm trying to protect my family from several dangerous sites by blocking them with the proxy. i recently discovered that Safari is ignoring the blocking-rules i set by loading the site through https even when its receiving a 403 error.
within my squid.conf i defined the acl
acl forbidden_domains dstdomain "/etc/squid/forbidden_domains.acl"
to deny connections to domains mentioned within the forbidden_domains.acl file by using
http_access deny CONNECT forbidden_domains
The forbidden_domains.acl file contains lines like
.thisisanotallowed.com
My Problem is, that when i connect to a forbidden domain by ussing ssl (https) Safari is receiving the message
TCP_DENIED/403 CONNECT
from the proxy but it continues to load the site.
I don't understand why. Our Firewall does only allow the Proxy server to establish connections on port 80 and 443. No other mac is allowed to access the net on these ports directly.
I thought it could be a configuration issue, so i tried other browsers. But Firefox worked like it should by not loading the site. In OSX the https proxy setting is set correctly. The proxy server works fine only Safari is breaking through is blocking rules somehow.
Unfortunately we don't want to use other browsers than safari (if it could be avoided!) ... is there a way to get Safari to obey the proxy blocking rules?
i'm working on this for a while now. i really need help on this!!!
Thank you 😉
MacBook Pro, OS X Mountain Lion (10.8.4), Safari SSL HTTPS Squid Proxy