On Sat, Jun 12, 2010 at 10:07:51AM +0300, Henrik K wrote: > On Fri, Jun 11, 2010 at 11:47:38AM -0700, Kurt Buff wrote: > > 2010/6/11 Henrik Nordström <henrik@xxxxxxxxxxxxxxxxxxx>: > > > fre 2010-06-11 klockan 11:02 -0700 skrev Kurt Buff: > > >> All, > > >> > > >> I've been biggling around teh interwebs, and crusing through the faqs > > >> and manuals, and don't see how to block this protocol. > > > > > > Not much Squid can do about this. It's a local exploit on the Windows > > > workstation when the browser, email program or whatever that processes > > > URLs in any context sees specially crafted hcp:// URLs. > > > > > > Regards > > > Henrik > > > > I was hoping that squid could detect the urls in web pages and either > > block the entire page or elide that url. > > That's the job of DansGuardian, Privoxy, ClamAV or any other tool including > ICAP ones that is able to process and block body contents. > > As I understood, once you click the hcp:// it's already too late. It doesn't > matter if you deny the request in Squid. Forget that last sentence, it's obvious hcp:// requests would never even get to Squid since it's not http.. Anyway, good luck blocking it once it's obfuscated by javascript etc. ;)
