squidcache@barendse.to wrote:
>
> I am using squid as our web proxy and use a filtering proxy after squid to
> enforce control over the website my users can visit.
>
> I noticed something really weird in my logfiles where a user was accessing
> a webiste using a double dot extension.
>
> The user has done this by accident by apparently squid is automagically
> correcting the broken url.
>
> This is wat the log shows:
> 2003.1.3 12:54:56 10.1.2.233 http://www.hollandinternational..nl GET 5407
> 2003.1.3 12:54:56 10.1.2.233 http://www.hollandinternational..nl/css/txt.css GET 5598
> Notice the ..nl!!
>
> I have tried this myself (client using Win98 / IE6) and was able to browse
> url's like www.google....nl
>
> This is very undesirable because my filtering proxy filters out some
> websites deemed inappropriate for our site but these invalid domain names
> are not in the blacklist and are therefore happily passed on to the user.
>
> It would be very impractical to include every possible dot combination in
> our blacklists.
>
> Is this a bug or feature of squid that can be disabled? I have tried this
> on squid squid-2.4.STABLE6-6.7.3 and squid-2.4.STABLE7-4 with same
> results.
You can easily remove the offending piece of code from Squid. See url.c
(search for "duplicate dots")
Regards
Henrik
Received on Mon Jan 06 2003 - 22:09:39 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:29 MST