John Doe wrote:
Hi,
I need to use an external program to potentially replace images requests, based on the referers, but url_rewrite does not pass the referer.
It is for people direct linking images on many external sites/forums.
I need the referer because the images seen directly on our site should not be replaced.
Would a combination with external_acl do the trick?
Yes it would. However keep in mind that the referer header can be easily
forged and get past this type of protection.
external_acl_type abuser children=5 %SRC %{Referer} "/squid/abuse.php"
url_rewrite_access allow abuser
url_rewrite_access deny all
The thing is, I need also to rewrite legit URLs in some other cases...
Can I have more than one url_rewrite blocks?
url_rewrite_program "/squid/abuse_rewrite.php"
url_rewrite_children 5
url_rewrite_concurrency 0
url_rewrite_host_header off
url_rewrite_access allow abuser
url_rewrite_access deny all
url_rewrite_program "/squid/oldurl2newurl.php"
url_rewrite_children 5
url_rewrite_concurrency 0
url_rewrite_host_header off
url_rewrite_access allow all
You will find its often better to redirect users with 302.
That can be done most efficiently like so:
acl oldURL ...
deny_info http://new.location oldURL
http_access deny oldURL
can be done seperately to cover as many different redirections and cases
as you need.
Amos
--
Please use Squid 2.7.STABLE3 or 3.0.STABLE8
