On 16/03/2012 8:08 a.m., awarecons wrote:
Suddenly it turned out that it's impossible to deny video from www.rutube.ru by Squid means. There is the only intend to cut off video, not shockwave nor java-scripts.
Impossible? Looks very possible from that snippet you give below...
Rutube.ru uses inframe incapsulation of video via java-script. Example: http://rutube.ru/tracks/4567054.html piece of code: <script type="text/javascript"> var rt_referer = escape(location.href); playMovie('pid', 'http://rutube.ru/player.swf?buffer_first=1.0&file=http%3A%2F%2Fbl.rutube.ru%2Fdb9decb3ae2341724c72e6490b028cfd.iflv&xurl=http%3A%2F%2Frutube.ru%2Ftrackinfo%2Fdb9decb3ae2341724c72e6490b028cfd.html%3Fad_ids%3D&image=http%3A%2F%2Ftub.rutube.ru%2Fthumbs%2Fdb%2F9d%2Fdb9decb3ae2341724c72e6490b028cfd-1.jpg&&autoload=true&fsb=true&logo=false&newWnd=false&rAngle=0&uid=3692805&referer=' + rt_referer); </script> So it freely passes through rep_mime_type, rep_header, url_regex ().
The first two yes possibly. But regex can catch anything, that is both its benefit and part of the price. If you are not catching it with regex then your regex rule is wrong.
A urlpath_regex for "^/player\.swf" can catch these videos when paired with a dstdomain ACL for rutube.ru.
Please, give me solution how Squid and/or SquidGuard could cut off video, not disabling access to site itself. Approach is to deny video content, not site itself. NB Using rep_mime_type, rep_header, url_regex works fine with youtube.com - it lets to download shockwave player, but player is unable to download and play video.
rutube.ru is not youtube.com. They have different owners, different authors, and different URL patterns. Expecting them to behave exactly the same?
Amos
