Re: Mandatory encryption

On Thu, Jul 19, 2012 at 09:55:54AM +0000, Anil Sharma wrote:
> " in HTTP they always force safesearch to on in outgoing
> requests so that they rely on google's ability to filter out unsuitable
> contents. In HTTPS they obviously can't do this so google images then
> becomes a single-handed browsing tool."
> 
> Didn't understand this point? From compute server point of view (which is providing you search results) it shouldn't matter whether transport used was secure or not?
> Did I miss something?

When the request is sent in clear text, the proxy modifies it to force
"safesearch=on" in the requests so that Google refrains from returning
unsuitable contents. In https, it obviously cannot force that on the
users' request so the user has complete access to the whole internet
cached in "google images". There are places where this type of access
is not accepted at all so google is not in the SSL whitelist.

Regards,
Willy

Received on Thursday, 19 July 2012 10:02:55 UTC