When web browsers transmit Proxy-Authorization credentials to the proxy for sites that do not require proxy-authentication (usually those with authenticate(no) rules), it could result in the Proxy-Authorization data to be transmitted to the Internet. This happen because the proxy will forward the Proxy-Authorization header upstream if it is not authenticating the session.
The following CPL can be applied to prevent the Proxy-Authorization header from being forward beyond the proxy :
define action remove_ProxyAuth_header delete( request.header.Proxy-Authorization) end
Imported Document ID: 000011232
Subscribing will provide email updates when this Article is updated. Login is required.