I started using chrome on the RHEL7 beta after some firefox hangs - but maybe this behavior is generic. I have the system 'network settings/network proxy' set to use squid on another host for connections out of the private range we use. This proxy requires authentication so I can always tell the first time a browser uses it. However, I can start a chrome connection to gmail and it just goes direct (which happens to work, I just prefer the proxy which will use a different outbound route). If I go to any non-google site, it uses the proxy and will pop up the expected authentication dialog on the first connection. Does anyone know (a) why it bypasses the proxy when going to a google site, (b) why it doesn't have its own internal proxy settings, or (c) how to fix it?
On 06/11/2014 08:10 PM, Les Mikesell wrote:
I started using chrome on the RHEL7 beta after some firefox hangs - but maybe this behavior is generic. I have the system 'network settings/network proxy' set to use squid on another host for connections out of the private range we use. This proxy requires authentication so I can always tell the first time a browser uses it. However, I can start a chrome connection to gmail and it just goes direct (which happens to work, I just prefer the proxy which will use a different outbound route). If I go to any non-google site, it uses the proxy and will pop up the expected authentication dialog on the first connection. Does anyone know (a) why it bypasses the proxy when going to a google site, (b) why it doesn't have its own internal proxy settings, or (c) how to fix it?
As far as I understood, Chrome is in tight connection with Google services, possibly hard-coded into it. But to be fair, I only used it occasionally when I need to fix something gone wrong with it. I prefer Firefox.
On 6/11/2014 4:57 PM, Ljubomir Ljubojevic wrote:
As far as I understood, Chrome is in tight connection with Google services, possibly hard-coded into it.
not really, other than the option to connect it to your google profile so all your system's browsers can share bookmarks and history. otherwise, its just another web browser, one that happens to have a very fast/stable version of JavaScript (which is what Google Apps/Documents, Maps, etc are implemented in).
On Wed, Jun 11, 2014 at 11:10 AM, Les Mikesell lesmikesell@gmail.com wrote:
However, I can start a chrome connection to gmail and it just goes direct (which happens to work, I just prefer the proxy which will use a different outbound route). If I go to any non-google site, it uses the proxy and will pop up the expected authentication dialog on the first connection. Does anyone know (a) why it bypasses the proxy when going to a google site, (b) why it doesn't have its own internal proxy settings, or (c) how to fix it?
Did you configure the proxy for HTTPS? Gmail uses HTTPS exclusively these days, the certificate is pinned (hard coded) in Chrome to prevent spoofing, maybe the protocol is too. Time for 'tcpdump'?
Gé
On Wed, Jun 11, 2014 at 11:22 PM, Gé Weijers ge@weijers.org wrote:
On Wed, Jun 11, 2014 at 11:10 AM, Les Mikesell lesmikesell@gmail.com wrote:
However, I can start a chrome connection to gmail and it just goes direct (which happens to work, I just prefer the proxy which will use a different outbound route). If I go to any non-google site, it uses the proxy and will pop up the expected authentication dialog on the first connection. Does anyone know (a) why it bypasses the proxy when going to a google site, (b) why it doesn't have its own internal proxy settings, or (c) how to fix it?
Did you configure the proxy for HTTPS? Gmail uses HTTPS exclusively these days, the certificate is pinned (hard coded) in Chrome to prevent spoofing, maybe the protocol is too. Time for 'tcpdump'?
Yes, that turned out to be the problem. I had only set http in the system settings and must have bookmarked/saved the https url so it didn't even need the initial redirect.
Makes me wonder what happens if a site uses spdy://
On Thu, Jun 12, 2014 at 10:10 AM, Les Mikesell lesmikesell@gmail.com wrote:
On Wed, Jun 11, 2014 at 11:22 PM, Gé Weijers ge@weijers.org wrote:
On Wed, Jun 11, 2014 at 11:10 AM, Les Mikesell lesmikesell@gmail.com wrote:
However, I can start a chrome connection to gmail and it just goes direct (which happens to work, I just prefer the proxy which will use a different outbound route). If I go to any non-google site, it uses the proxy and will pop up the expected authentication dialog on the first connection. Does anyone know (a) why it bypasses the proxy when going to a google site, (b) why it doesn't have its own internal proxy settings, or (c) how to fix it?
Did you configure the proxy for HTTPS? Gmail uses HTTPS exclusively these days, the certificate is pinned (hard coded) in Chrome to prevent
spoofing,
maybe the protocol is too. Time for 'tcpdump'?
Yes, that turned out to be the problem. I had only set http in the system settings and must have bookmarked/saved the https url so it didn't even need the initial redirect.
-- Les Mikesell lesmikesell@gmail.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Thu, Jun 12, 2014 at 10:33 AM, Billy Crook bcrook@riskanalytics.com wrote:
Makes me wonder what happens if a site uses spdy://
I'd expect that to be the case for chrome talking to gmail. But it is supposed to run over https://.
-
Billy Crook -
Gé Weijers -
John R Pierce -
Les Mikesell -
Ljubomir Ljubojevic