On Tue, 16 Mar 2010 14:06:59 +0000, Graham Keeling <graham@xxxxxxxxxxxx> wrote: > Hello, > > In older versions of squid, I was able to block or allow specific arbitrary > request headers. For example: > > header_access X-SomeRandomHeaderA allow all > header_access X-SomeRandomHeaderB deny all > > In squid-3.1 (and 3.0, I think), the equivalent of header_access for > request > headers is now request_header_access. > > But if I try this, squid gets upset and doesn't start: > request_header_access X-SomeRandomHeaderA allow all "allow all" is the default. You can ignore those settings. > request_header_access X-SomeRandomHeaderB deny all > > It says: > 2010/03/16 13:55:19| parse_http_header_access: unknown header name > 'X-SomeRandomHeaderA' > > So, it seems that you can only add headers that squid knows about > internally. > Which is what this page says: > http://www.squid-cache.org/Doc/config/request_header_access/ > > You can only specify known headers for the header name. > Other headers are reclassified as 'Other'. You can also > refer to all the headers with 'All'. > > I could use 'Other', but it means that I have to treat all unknown headers > in the same way. Unless I'm missing something. > > > So, can anybody tell me how to block or allow specific arbitrary request > headers in squid-3.1? > Not possible in Squid-3. Removing random headers is a violation of HTTP protocol and can seriously break things when not understood. If you can present to us some information about these special headers that shows they are in fact deserving of stripping, we can add them. There is always the eCAP/ICAP filtering add-on interface now available for local control. Rant: I for one got tired of handling complaints because application X would not work through Squid when the admin stripped away all it's proprietary headers. Amos
