Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
[POLL] HTTP tracking (and caching) #176
With the push towards a "secure" web (HTTPS everywhere), more and more sites are now only accessible over HTTPS. This means more and more sites are not showing in the Squid web logs.
It isn't possible to track what sites Hotspot users visit if they are visiting HTTPS websites. Reverse lookup of IP address works in some cases, and is wildly inaccurate in other cases (think of a website behind a cloudflare shared IP address). At no point is a Hotspot user going to modify their proxy settings so that we can monitor their HTTPS usage, that's just not good for user experience.
HTTPS accounts for more than 66% of all page loads in Chrome across all platforms with With more than 50% of all pages being loaded via Chrome being HTTPS, and most platforms have more than 75% of page loads of HTTPS. https://transparencyreport.google.com/https/overview?hl=en The encrypted web really is here, and here to stay. https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
It's time to decide if it's worth the maintenance effort, and the CPU cycles, of running the Squid transparent proxy, and attempting to track users browsing history. The report is becoming more and more useless as more and more sites are HTTPS.
In my opinion, and as a user, i always rather have the option to do or not. So if it's possible, Tim consider adding this has a setting on the backoffice.
Control access (Squid)?
And you could have it default to No.
(This would be the perfect solution for less tech savy users)