-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 22/01/2015 10:25 p.m., thane@xxxxxxx wrote: > Dear Jeffries, > > I thank you for your answer. Is possible in your opinion manage > also Cookie with an expiration time? Because if I understood > correctly your suggestion works great until the users share with > some attacker the cookie. The attacker could reuse this cookie to > download freely the images from the site. Right? > It can do whatever you code the helper to do. Squid can only pass the Cookie header (as a whole) to the helper and use its result as to whether to accept of deny the request. Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUwMkYAAoJELJo5wb/XPRj/4UH/RfVN21VIqQgVASNc2fxpJkC XPDI0jzHpwhYvfiqAsWmbQDeaKvwUSVEd0CX/gg8cM/4TmrF1IWgp+hhP/lUCwyV sPlyY4Df7cNonkfDpmOm0+gZdK99gB+F56cwkitvdfg15y1NbDdvxMg+1E+/LavO B3kkEZRphNek6rGf3fgM2sSzEmWDtjhFqPdqx5nIJyRbqTWBfM862ay7aLMyiGDE WiIMlsSr5RYAg+BopOPguE8rj+FW0fzxbDKFD2F4H06AClPKC6nAYP2NKwd0fNhw rEk8w4xuuRsei6K1b7LUVDRLWtRHTeijD6O3sbmm4gIcOb1s79kV0uUjSvVGhZI= =Z/UM -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
