Search squid archive

Re: Squid cannot redirect to an HTTP 302

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 15/06/2012 11:59 p.m., Chaitanya Shastri wrote:
Hi All,
    We have a small setup of squid/3.0.STABLE19 along with squidGuard
as a url re-writer. We have some problem navigating to internal pages
of Linkedin site.
   Initially, I tried to debug using setting "strip_query_terms off"
and debug options to 28,5. Then I watched the cache.log file. We have
a setup such that users are allowed only a certain mime types.
So I have an acl set for that which defines the allowed mime types:

For Ex:  acl mimeallowp rep_mime_type -i  ^application/pdf$ ...

Then following that I allow the clients in the localnet to access only
those mime types:

Ex. http_reply_access allow mimeallowp

And finally I deny all:

http_reply_access deny all

What I got from the log file, browsing internal pages of Linkedin was
that squid parses all mimeallowp's and then does not find a match and
simply executes http_reply_access deny all and displays Access Denied
Page.

When I change the line http_reply_access allow mimeallowp with
http_reply_access localnet where localnet is an acl defining internal
subnet, all works fine. But I do not want to allow access to client
machines to access all the mime type.

I also checked the HTTP Headers using the LiveHeaders plugin. There I
got that the page I was accessing has a "HTTP/1.0 302 Moved
Temporarily" header. But when I go through squid server, I get a
"HTTP/1.0 403 Forbidden" header from squid server itself.

Does that mean that squid server is not being able to handle
redirections properly?

Uhm, what Content-Type does a non-existent body have?


What do I do in this situation?

You can permit 302 status, the followup request for an object will go through your ACL controls anyway.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux