- From: Willy Tarreau <w@1wt.eu>
- Date: Thu, 19 Jul 2012 12:02:28 +0200
- To: Anil Sharma <asharma@sandvine.com>
- Cc: Roberto Peon <grmocg@gmail.com>, Paul Hoffman <paul.hoffman@gmail.com>, Phillip Hallam-Baker <hallam@gmail.com>, "grahame@healthintersections.com.au" <grahame@healthintersections.com.au>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Mike Belshe <mike@belshe.com>
On Thu, Jul 19, 2012 at 09:55:54AM +0000, Anil Sharma wrote: > " in HTTP they always force safesearch to on in outgoing > requests so that they rely on google's ability to filter out unsuitable > contents. In HTTPS they obviously can't do this so google images then > becomes a single-handed browsing tool." > > Didn't understand this point? From compute server point of view (which is providing you search results) it shouldn't matter whether transport used was secure or not? > Did I miss something? When the request is sent in clear text, the proxy modifies it to force "safesearch=on" in the requests so that Google refrains from returning unsuitable contents. In https, it obviously cannot force that on the users' request so the user has complete access to the whole internet cached in "google images". There are places where this type of access is not accepted at all so google is not in the SSL whitelist. Regards, Willy
Received on Thursday, 19 July 2012 10:02:55 UTC