Re: [squid-users] Proxy blocks underscore in hostname - DNS RFC2181 says underscore now valid, no?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 23 Aug 2002 08:53:17 +0200

No it does not say so. See notes below.

To make Squid allow any characters, just comment out the block in url.c
starting with

 if (strspn(host, valid_hostname_chars) != strlen(host)) {

To allow underscores, you can compile Squid with the
--enable-underscores option.

Some notes on the standards of hostnames, HTTP, DNS etc:

Note 1: The HTTP specification (RFC2616) is rather strict on the
characters allowed in HTTP URLs:

   From RFC2396 "URI" (referenced by RFC2616 "HTTP/1.1"):

   URL schemes that involve the direct use of an IP-based protocol to a
   specified server on the Internet use a common syntax for the server
   component of the URI's scheme-specific data:

      <userinfo>@<host>:<port>

...

      hostport = host [ ":" port ]
      host = hostname | IPv4address
      hostname = *( domainlabel "." ) toplabel [ "." ]
      domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
      toplabel = alpha | alpha *( alphanum | "-" ) alphanum

As seen, this does not allow underscores in Internet URL host names. Only
A-Z 0-9 and - (case insensitive).

Note 2: What restricts hostnames is not the DNS specification, but the
"Requirements for Internet hosts" specification Internet STD 0003,
specifically RFC1123 section 2.1. This too does not allow underscores,
and is from what I can tell identical to the rules above.

Note 3: DNS as such allows any characters in the DNS protocol and from
what I understand has always done so even if the specification has been
a bit ambiguous on this. To DNS a "domain name label" is just a binary
sequence. What RFC2181 clarifies is that the DNS protocol does not by
itself put any restrictions on the labels used within DNS. DNS is just a
protocol for resolving namespaces, not a namespace definition. DNS does
not define the namespace of Internet hosts, only a protocol that can be
used to resolve names within the Internet host namespace and optionally
other namespaces. The fact that DNS allows for "any kind of data" does
not say that it is allowed to use "any kind of data" for Internet host
names.

Note 4: There is an ongoing task within IETF to standardise how to use
national characters etc in Internet hostnames, but there still is lots
to define before the goal is reached. The long term goal has been
defined to move to use UTF8 in all Internet protocols, and I think also
an intermediary wrapper in the application layer has finally been defined
transforming "national host names" to/from "current hostname syntax
conformant names" to be used until the transition to UTF8 can be done.
As the HTTP specification has not yet been revised to support UTF8,
applications wishing to use "national host names" SHOULD use such a
translation layer when using such host names within HTTP. Also, I am
uncertain on the fate of underscores in this context.

Note 5: Other standard Internet applications such as E-Mail also put
restrictions on allowable syntax for hostnames within the protocol in
addition to STD 0003. HTTP is not alone.

Regards
Henrik

Jason Roysdon wrote:
>
> I just got an email from one of my users complaining that when using the
> Proxy he can't reach http://subscription_services.cmp.com but if he disables
> the proxy it works.
>
> My reply to him was:
> "Underscore in a hostname used to violate the DNS RFCs. The Proxy was just
> following the RFC.
>
> http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.8
>
> http://www.acmebw.com/askmrdns/archive.php?category=81&question=604
>
> The most recent DNS RFC 2181 is somewhat vague on what may be allowed, but
> basically any 'binary string' is considered valid now, even though not all
> applications have implemented this:
>
> http://www.lucent.com/livelink/0900940380004a18_White_paper.pdf (search on
> underscore).
> "
>
> Can I get some feedback from the Squid folks? Is underscore (or any binary
> string) not valid now for DNS hostnames per RFC 2181? If so, can this
> change be made in the default compile of Squid? (I'm aware of the flag to
> compile and disable this check)?
>
> Jason Roysdon, CCDP/CCNP:Security, MCSE, CNA, Network+, A+
> Public email : jroysdon@hotmail.com
> Homepage : http://jason.roysdon.net/
>
> PS: Don't use a subject like that looks like spam, as your message will end
> up in my junk filter and never be read.
Received on Fri Aug 23 2002 - 02:15:55 MDT
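
An added example, not Squid's code and not part of the original message: a character-set test in the style of the url.c line quoted above, next to a check of the full RFC 2396 hostname grammar from Note 1. The `example_hostname_chars` table and both function names are assumptions made for illustration; Squid's own `valid_hostname_chars` is not shown in the thread.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Assumed character set: letters, digits, "-" and the label separator. */
static const char example_hostname_chars[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-.";

/* Character-set test only: every byte of host must be in the table. */
int charset_ok(const char *host)
{
    return *host != '\0' &&
           strspn(host, example_hostname_chars) == strlen(host);
}

/* RFC 2396: hostname = *( domainlabel "." ) toplabel [ "." ]
 * Every label starts and ends with an alphanum, with alphanum or "-"
 * in between; the last label (toplabel) must start with a letter, so a
 * dotted-quad IPv4address is not a hostname under this rule. */
int rfc2396_hostname_ok(const char *host)
{
    size_t i, len = strlen(host);
    const char *label = host;       /* start of the current label */
    const char *last_label = host;  /* start of the final label */

    if (len > 0 && host[len - 1] == '.')
        len--;                      /* one optional trailing dot */
    if (len == 0)
        return 0;
    for (i = 0; i <= len; i++) {
        if (i < len && host[i] != '.') {
            unsigned char c = (unsigned char)host[i];
            if (!isalnum(c) && c != '-')
                return 0;           /* rejects '_' and any other byte */
            continue;
        }
        if (&host[i] == label)
            return 0;               /* empty label, e.g. "a..b" */
        if (label[0] == '-' || host[i - 1] == '-')
            return 0;               /* "-" may not start or end a label */
        last_label = label;
        label = &host[i + 1];
    }
    return isalpha((unsigned char)last_label[0]) != 0;
}
```

Both checks reject the underscore in `subscription_services.cmp.com`; only the grammar check also rejects names that pass the character test but are malformed, such as a label with a leading hyphen or an empty label.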
