I've got a case open on this, but wanted to ask the community too. I've got an S360 running AsyncOS 5.6.0-623 running in transparent mode. We're requiring NTLM user authentication. We're using the HTTPS Proxy feature.
In Firefox 3.x and maybe others (but not Internet Explorer) when viewing some SSL web sites that auto-refresh you will periodically receive a pop-up message with "OK" and "Cancel" buttons:
The web page is being redirected to a new location. Would you like to resend the form data you have typed to the new location?
This doesn't happen on the first visit, but only if you sit an wait for the page to refresh on its own. A perfect example of this is gmail.com (using HTTPS of course) but I've seen this on several other sites as well.
I've run all sorts of packet captures but because everything is encrypted it has been pretty useless. Has anyone else experienced this?