Henrik Nordstrom wrote:
>
> John Hardin wrote:
> >
> > Everybody:
> >
> > I'm trying to protect my users against the attacks outlined in
> > http://www.sidesport.com/hijack/
> >
> > I tried adding a deny url_regex ACL for "\%3Cscript\%20", but it looks
> > like url_regex ignores the text after ? in a CGI URL.
>
> Seems to work fine here.
>
> I tried
>
> acl no url_regex notthis
> http_access deny no
>
> Then requested "http://localhost/something?notthis" and it got properly
> denied.
>
> Most likely your regex pattern does not match the request.
Squid normalizes the URL before applying regex matches:
%3Cscript%20 does not work,
<script does work.
D'oh! Sorry. Jumped to the wrong conclusion. Mea Culpa.
--
John Hardin <johnh@aproposretail.com>
Internal Systems Administrator    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.    fax: (425) 672-0192
-----------------------------------------------------------------------
33 days until Forum 2001

Received on Fri Jun 15 2001 - 15:14:49 MDT
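The matching behaviour described in the thread, as an added example that is not part of the original messages and is not Squid code: a small checker that runs url_regex-style patterns over normalized URLs and flags patterns written in percent-encoded form. It assumes normalization can be modeled as plain percent-decoding; the function names and sample URLs are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: the proxy's URL normalization is modeled as percent-decoding.
def normalize(url):
    return unquote(url)

def acl_matches(pattern, url):
    """True if the pattern hits the URL as the matcher sees it (normalized)."""
    return re.search(pattern, normalize(url)) is not None

def has_encoded_literal(pattern):
    """True if the pattern spells out a %XX escape, which a matcher working
    on decoded URLs will never see in the request."""
    return re.search(r"\\?%[0-9A-Fa-f]{2}", pattern) is not None

def audit(patterns, urls):
    """For each pattern: the sample URLs it would deny, plus a lint flag."""
    report = {}
    for p in patterns:
        report[p] = {
            "denied": [u for u in urls if acl_matches(p, u)],
            "encoded_literal": has_encoded_literal(p),
        }
    return report

# Constructed sample requests (query strings included on purpose).
SAMPLES = [
    "http://localhost/something?notthis",
    "http://localhost/cgi-bin/form?name=%3Cscript%20src=x%3E",
    "http://localhost/cgi-bin/form?name=<script src=x>",
    "http://localhost/cgi-bin/form?name=plain",
]

# The three patterns discussed in the thread.
PATTERNS = ["notthis", r"\%3Cscript\%20", "<script"]

if __name__ == "__main__":
    for pattern, result in audit(PATTERNS, SAMPLES).items():
        note = "  (encoded literal: will not match)" if result["encoded_literal"] else ""
        print(f"{pattern!r}: {len(result['denied'])} denied{note}")
        for url in result["denied"]:
            print(f"    {url}")
```
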