-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The attached patch against squid-2.5.STABLE5 adds a new ACL type called
"urlpath_raw_regex". It works in exactly the same way as "urlpath_regex"
except no unescaping of the URI is done first, which makes it possible to
filter specific attacks that escape some characters in the URI without
blocking legitimate requests.
I.e. you can filter URIs containing "%2easp" (the signature of some
attacks) without blocking legitimate requests for ".asp"
- - Steve Hill
Senior Software Developer Email: steve@navaho.co.uk
Navaho Technologies Ltd. Tel: +44-870-7034015
... Alcohol and calculus don't mix - Don't drink and derive! ...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Public key available at http://linux.navaho.co.uk/pubkey.steve.txt
iD8DBQFA1rMmb26jEkrydY4RAt9pAJ40O6/2GXt1NdFxxURN6PXnmsV2egCcDAJ/
mKOZSgLoy6uL8x7hhbl1Co0=
=CmX/
-----END PGP SIGNATURE-----
This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:03 MDT