Re: [squid-users] youtube safety mode

On 22/03/11 16:16, Jon wrote:
> On 03/21/2011 04:31 PM, Amos Jeffries wrote:
>> On Mon, 21 Mar 2011 16:06:31 -0800, Jon R. wrote:
>>> On Friday, March 18, 2011 15:48 AKDT, Amos Jeffries wrote:
>>>
>>>> On 19/03/11 07:14, Test User wrote:
>>>> > I had been asked if this is possible and doing a search through
>>>> the mailing list and google, I could only find a howto for
>>>> SafeSquid. Is it possible to do this in transparent mode using
>>>> squid? If so, can someone point me to a doc on how to accomplish this?
>>>>
>>>> What is this "youtube safety mode" you speak of?
>>>>
>>>> NP: "SafeSquid" is a system which is not related to Squid, just taking
>>>> the brand name to boost their product.
>>>>
>>>> Amos
>>>
>>> Hello Amos,
>>>
>>> I understand about SafeSquid after spending a couple minutes on their
>>> site.
>>>
>>> The youtube safety mode is a mode that blocks objectionable content
>>> from appearing as a result in a search. From what I have read it
>>> appears to only work on a browser by browser basis, so I figured I
>>> would ask the gurus' if they knew of a way to turn it on using a
>>> transparent proxy.
>>>
>>> Here is a link to YouTubes explanation of what it is:
>>>
>>> http://www.google.com/support/youtube/bin/answer.py?answer=174084
>>>
>>
>> That is one truely useless explanation for anyone with technical
>> interest.
>>
>> Do you have any info or knowledge about how it operates in HTTP? or if
>> it even does so?
>>
>> Squid has some capability to alter HTTP headers. But that requires
>> knowing what is going on in the background and what to change from/to.
>>
>> Amos
>>
>
> The best information I have found for it is from the safesquid website
> that explains how they enforce it.
>
> Taken from: http://www.safesquid.com/html/portal.php?page=165
>
>
> "The first rule in Profiles section identifies requests made for
> youtube.com, and adds them a profile 'UNSAFE_YOUTUBE'.
>
> The second rule analyzes the Request Header Pattern of the client, to
> check if a string - 'PREF=f28000000' exists in cookie being sent to the
> host. This string will be found, only if the client has opted for Safety
> Mode. If the string is found, this rule removes the profile
> 'UNSAFE_YOUTUBE' from the request, and adds a profile 'SAFE_YOUTUBE' to
> it, and the request is forwarded to the host.
>
> If the string is not found, the request still carries the
> 'UNSAFE_YOUTUBE' profile. The rule under Rewrite document section acts
> upon such requests, and inserts the string in the cookie section of the
> client request headers, and forwards the request to the host.
>
> So effectively, all requests that are sent to the host, i.e.
> youtube.com, carry the 'Safety Mode Enabled' preference string. This
> makes youtube serve only filtered results to the client."
>
>
>
> I think almost the same thing could be done with squid but I am not a
> squid master, so I am asking here. I am sorry if I am not giving you
> good information to work with.
>
>
> Jon
>

Thanks Jon. That does seemmore useful than the YouTube docs.

It paints a sad picture though. There is one possible way to turn it
OFF. But not for turning it on without screwing the clients cookies up.

"Test User": you will have to used ICAP/eCAP or other HTTP content
adaptation fiddling. Squid will not do this itself.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.11
   Beta testers wanted for 3.2.0.5