Re: blocking web pages based on content from Panagiotis Malakoudis on 1999-12-01 (squid-users)

From: Panagiotis Malakoudis <pmal@dont-contact.us>
Date: Wed, 1 Dec 1999 11:00:18 +0200

Thanx for the correction.
You are right.

I would like to share one of my thoughts with you.
One good policy would be to have an LDAP server installed and in this way
control the preferences of the web browser. then one could block all
javascripts for all the users in his network.
Blocking javascripts though would cause TOO MANY sites to become unusable
for users inside your network.

Panagiotis S. Malakoudis

Systems Administrator
SPACE HELLAS S.A.

----- Original Message -----
From: "Tilman Schmidt" <Tilman.Schmidt@sema.de>
To: "Panagiotis Malakoudis" <pmal@space.gr>
Cc: "squid" <squid-users@ircache.net>
Sent: Wednesday, December 01, 1999 10:43 AM
Subject: Re: blocking web pages based on content

> At 10:15 01.12.99 +0200, Panagiotis Malakoudis wrote:
> >I believe that the only way to do that is by blocking java. Sites that
open
> >other sites when you click on the close button use Java to do that.
>
> This is incorrect. JavaScript, not Java, is used to achieve that
> sort of effect. JavaScript is quite different from Java. You could
> possibly block Java applets with Squid, because they are transferred
> as separate files with a distinct MIME type, but that would not help
> you with the problem of pages opening other pages.
>
> JavaScript, on the other hand, is embedded in the page itself,
> and Squid has no means to strip it out.
>
> My best advice would be to educate your users to switch off
> JavaScript in their browsers because of its many security problems,
> and nag any web operator whose site isn't usable without it. At
> most, they should enable JavaScript on an individual basis for
> accessing some trustworthy web site, and disable it again
> afterwards.
>
> Btw, the german information security authority (BSI) recommends
> that every web site using JavaScript should offer an alternative
> access working without it, for precisely that reason.
>
> --
> Tilman Schmidt E-Mail: Tilman.Schmidt@sema.de (office)
> Sema Group Koeln, Germany tilman@schmidt.bn.uunet.de (private)
Received on Wed Dec 01 1999 - 02:25:43 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:40 MST