I am using squid as our web proxy and use a filtering proxy after squid to
enforce control over the website my users can visit.
I noticed something really weird in my logfiles where a user was accessing
a webiste using a double dot extension.
The user has done this by accident by apparently squid is automagically
correcting the broken url.
This is wat the log shows:
2003.1.3 12:54:56 10.1.2.233 http://www.hollandinternational..nl GET 5407
2003.1.3 12:54:56 10.1.2.233 http://www.hollandinternational..nl/css/txt.css GET 5598
Notice the ..nl!!
I have tried this myself (client using Win98 / IE6) and was able to browse
url's like www.google....nl
This is very undesirable because my filtering proxy filters out some
websites deemed inappropriate for our site but these invalid domain names
are not in the blacklist and are therefore happily passed on to the user.
It would be very impractical to include every possible dot combination in
our blacklists.
Is this a bug or feature of squid that can be disabled? I have tried this
on squid squid-2.4.STABLE6-6.7.3 and squid-2.4.STABLE7-4 with same
results.
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.Received on Mon Jan 06 2003 - 03:03:22 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:28 MST