Thanks a lot for your answer Robert. I now manage to apply filtering based on
the MIME type.
However, since all embedded scripts do not have the MIME type application/x -
oleobject (which is the MIME type they should have), I do not manage to avoid
downloading of activeX objects.
Does anyone has any idea on how to prevent downloading of ActiveX objects ?
Thanks again for your collaboration !
Marie
> Hi all,
>
> I am using Squid2.5 stable1 and I want to prevent the downloading of some
types
> of applications such as activeX (oleobject is the MIME type of an activeX
> object).
>
> Here is the configuration I used:
>
> ********************************
>
>
> acl trusted_sites srcdomain .microsoft.com
> acl repdangerous_appli rep_mime_type -i ^application/x -oleobject$
>
> http_reply_access allow trusted_sites repdangerous_appli
>
> ********************************
>
> Then, when I request for URL www.microsoft.com, I get an error
message "Access
> denied"
>
> Does anyone know why ?
Yes. You haven't allowed any other traffic.
try:
http_reply_access deny trusted_sites repdangerous_appli
http_reply_access allow all
Also, be sure to test trusted_sites in http_access as well - in squid
2.5 http_reply_access requires 'fast' acl checks, which means that DNS
lookups cannot be done there. (This is fixed in 3.0)
Rob
---------------------------------------------------------------------------
This mail sent through Institut Eurecom Webmail : http://webmail.eurecom.fr
Received on Mon Feb 10 2003 - 09:36:45 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:17 MST