On 21/04/11 05:56, Jenny Lee wrote:
>
>> Reality after looking at the code:
>> Mangling is done after peer selection right at the last milli-second
>> before sending the headers down the wire. It is done on all HTTP
>> requests including CONNECT tunnels when they are relayed.
>>
>> Peering info *is* available. But "src" ACL does not check for that
>> property.
>>
>> If you have 3.1 I think you want to add a "peername" ACL like so:
>>
>> acl peerX peername X
>> request_header_access User-Agent allow OFFICE !peerX
>> ...
>
> I have 3.2.0.1 and unfortunately this does not work either. I will check on 3.2.0.7 (would that make a difference?).
May do. I don't recall changing anything there directly but the passing
around of request details has been fixed in a few places earlier which
may affect it.
Also, do you have this part which I forgot to add?
cache_peer .... name=X
>
> Furthermore, it would be nice to able to select UA like:
>
> request_header_replace User-Agent OFFICE Mozilla
> request_header_replace User-Agent HOME IE
Well...
request_header_access User-Agent deny OFFICE Mozilla
request_header_replace User-Agent HOME IE
... should also be working if a "browser" type ACL is used to check the
User-Agent field for "Mozilla".
P.S.: Nice for some maybe, but which of the 3.5 million or more browser
U-A strings do you suggest we hard-code into Squid for faking like this?
No, we picked to leave it optional and open for future browsers and
tools to be developed. Especially since it is a standard violation to
actually do any U-A changes. There are good reasons for *some* of those
sites behaviour and each piece of the U-A has significant meanings.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.7 and 3.1.12.1Received on Wed Apr 20 2011 - 23:51:48 MDT
This archive was generated by hypermail 2.2.0 : Thu Apr 21 2011 - 12:00:03 MDT