Search squid archive

Re: Re: Logging/Blocking URLs with question marks ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Matus UHLAR - fantomas wrote:
On Mon, 17 Mar 2008 11:31:39 +0000
"Robin Clayton" <twinturbo@xxxxxxx> wrote:
2.5-Stable-5

I have used squid for probably 8 years.

We see :)

It has recently come to my attention that sites with dynamic content
as denoted by a ?  "question mark" are not being logged or blocked.

so for example searches on google do not show the full URL.

On 18.03.08 13:07, RW wrote:
I don't know much about 2.5 but in up-to-date versions, logging of query
urls is governed by "strip_query_terms". By default it's on to avoid
logging things like session IDs.

it's called privacy :)

It's called philanthropy: protecting idiots against themselves at ones own cost.

No webmaster with any serious intentions of privacy publishes the SESSION-IDs in visible URI. The sensible ones use session cookies, nicely hidden from script-kiddies eyes, easily removed by security-conscious users, and not getting in the way of smart users direct-linking.

Amos
--
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux