Re: [squid-users] urlpath_regex doesn't match

From: Christoph Haas <email@dont-contact.us>
Date: Thu, 16 Mar 2006 17:54:29 +0100

On Thursday 16 March 2006 17:39, Marco Berizzi wrote:
> Christoph Haas wrote:
> >On Thursday 16 March 2006 14:50, Marco Berizzi wrote:
> > > Christoph Haas wrote:
> > > >So this doesn't match. Try http_reply_access with content type ACLs.
> > >
> > > What kind of acl should I implement?
> >
> >Search your squid.conf for "rep_mime_type".
>
> This the reply from the server:
>
> Resolving www.gametrailers.com... 66.17.214.20, 66.17.214.37,
> 66.17.214.38 Connecting to www.gametrailers.com|66.17.214.20|:80...
> connected. HTTP request sent, awaiting response...
> HTTP/1.1 200 OK
> Date: Thu, 16 Mar 2006 16:24:07 GMT
> Server: Apache/1.3.33 (Unix) PHP/4.3.11
> X-Powered-By: PHP/4.3.11
> Content-Length: 14773618
> Content-Disposition: attachment; filename="t_hl2_aftermath_hd.wmv"
> Keep-Alive: timeout=2, max=100
> Connection: Keep-Alive
> Content-Type: application/octet-stream
> Length: 14,773,618 (14M) [application/octet-stream]
>
> I cannot block all "octet-stream" with rep_mime_type, so I have tried
> with "acl marcotrojans rep_header Content-Disposition -i \.wmv\"$
> and it works. The is a problem with the " character. There some web
> server (windoze) that doesn't put that char in the filename field. So
> I have modified the regex to \.wmv?$ but it doesn't match.
> Hints?

Just one hint: Squid is bad at checking the content of HTTP objects. Unless
you use another proxy that can handle content better you will need to rely
on what the web server is sending you. The Content-Diposition header might
work here but is IMHO rather made for MIME parts of email messages rather
than being used in HTTP communication.

But whatever header field you check: you are always relying on the web
server administrators classification of files. If you just want to allow
text/html only and they classify their porn videos as text/html then Squid
won't know that it's unwanted. And even if the web server works
half-decently then you might get video/wmv as well as video/microsoft-wmv
or video/funky-movie-format.

You didn't say what you want to accomplish. But content types and Squid are
a typical issue of "YMMV". :)

 Christoph

-- 
~
~
".signature" [Modified] 1 line --100%--                1,48         All
Received on Thu Mar 16 2006 - 09:54:40 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST