On Tue, 15 Feb 2005, Yong Bong Fong wrote:
A bug in Squid allows users to bypass certain access controls by passing a URL containing "%00" which exploits the Squid decoding function.
See http://www.squid-cache.org/Advisories/SQUID-2004_1.txt for details of this old vulnerability.
Does it mean that any url containing the symbol "%" will not work with url_regex?
url_regex normalizes the URL; if not, it would be trivial to bypass by just %nn-encoding sensitive parts.
As a side effect, matching % is not easy.
Regards Henrik
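
The behaviour described in the reply above, as an added example that is not part of the original thread and not Squid's own code: a simplified Python model of an ACL check that decodes %nn escapes before matching, next to one that matches the raw URL. The names `normalize` and `blocked`, the choice to refuse any URL carrying `%00`, and the sample URLs are assumptions made for this sketch.

```python
import re

_ESCAPE = re.compile(r"%([0-9A-Fa-f]{2})")


def normalize(url):
    """Decode %nn escapes once; return None for a URL carrying an encoded NUL."""
    if "%00" in url:
        # Assumption of this sketch: refuse the URL instead of decoding the NUL.
        return None
    return _ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), url)


def blocked(url, pattern, normalize_first=True):
    """True when the deny pattern matches, or when the URL is refused outright."""
    if normalize_first:
        url = normalize(url)
        if url is None:
            return True
    return re.search(pattern, url) is not None


# Constructed sample data (not taken from the thread or the advisory).
DENY = r"/admin"
PLAIN = "http://example.com/admin/login"
ENCODED = "http://example.com/%61dmin/login"   # %61 is "a"
NUL = "http://example.com/%00/admin/login"
DOT = "http://example.com/a%2eb"               # %2e is "."

if __name__ == "__main__":
    for u in (PLAIN, ENCODED, NUL):
        print(u, "raw:", blocked(u, DENY, False), "normalized:", blocked(u, DENY))
    # Side effect: a pattern written with a literal "%" no longer sees the escape.
    print(DOT, "pattern %2e ->", blocked(DOT, r"%2e"))
```

Matching the raw string lets the encoded form of a denied path through, while matching after decoding catches it; the last line shows why a pattern containing a literal `%` stops matching once the URL has been normalized.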