Re: [squid-users] problem blocking cookies

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 19 Jan 2011 02:52:13 +1300

On 19/01/11 01:44, Alexander Curvers wrote:
> thanks for your response Amos,
>
>
> 2011/1/18 Amos Jeffries<squid3_at_treenet.co.nz>:
>> On 18/01/11 21:04, Hasanen AL-Bana wrote:
>>>
>>> don't you have to define ACL first ?
>>
>> "all" shoudld be in the 2.7 config anyways.
>>
> not exactly sure what you mean by this

A squid-2.7 which lacks the line "acl all src all" is broken and Squid
won't start.

>>>
>>> On Tue, Jan 18, 2011 at 1:23 AM, Alexander Curvers<acurvers_at_gmail.com>
>>> wrote:
>>>>
>>>> Hi i am running Version 2.7.STABLE3 on Debian
>>>>
>>>> im trying to block cookies
>>>>
>>>> ive added these lines to my config (and reloaded)
>>>>
>>>> header_access Cookie deny all
>>>> header_access Set-Cookie deny all
>>>>
>>>> but no effect... what am i missing?
>>>>
>>
>> Check if the site is using Set-Cookie2 or Cookie2 headers. 2.7 does not
>> support them.
>>
>> Otherwise the site is using some non-header way of setting the cookies. They
>> can be set via HTML tags or any one of a dozen scripting languages or any
>> number of browser plugins and downloadable code. All of which are outside
>> Squid's control.
>>
>
> i could check using firebug or another plugin to see the cookie
> headers.. the site i tried was google and gmail and some random cookie
> test sites
> if its using Cookie2 headers i might block them using a regex filter
> or something even in 2.7 ?

Ah, gmail. If it's on their HTTPS pages Squid does not see any of the
the actual transaction headers. Just a few on the CONNECT tunnel.

If it is Cookie2 you will have to port a simple 6-line patch and rebuild
your Squid
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10174.patch

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.10
   Beta testers wanted for 3.2.0.4
Received on Tue Jan 18 2011 - 13:52:19 MST

This archive was generated by hypermail 2.2.0 : Tue Jan 18 2011 - 12:00:03 MST