On 10/07/2015 9:51 a.m., David Touzeau wrote: > Hi ikna > > This can be done, but you need to forget the ufdbgclient and create > yourself a new one that is able to connect to the ufdbguard server in > order to get ufdbguard results. > In this case, you have with your code to replace the OK status=302 > url="" sent by ufdbguard server by OK rewrite-url="" > > Then the address bar will be not changed. > > If you need an example, you will find it after installing this open > source software : > http://sourceforge.net/projects/artica-squid/files/ISO/proxy-appliances/ > Thats not what he is asking for though. He is asking to change the page *content*. By only altering the URL request-line on the received message. The answer is to change what the http://10.1.1.142/sgerror.php script does. So it displays the url= parameter instead of its own full URL. IMPORTANT: doing that was a XSS / open-proxy vulnerability that squidguard had. Its not a good idea to just dump out query-string data delivered by the client as body content. It needs to be sanitized properly first. Amos > > Le 09/07/2015 22:19, Ikna Nou a écrit : >> Dear all, >> We recently migrated from Squid3.4.13/squidGuard to Squid3.5/ufdbGuard >> >> With Squid3.4+squidguard, we were able to display on clients browser a >> customized error page showing ONLY the original URL request on the >> address bar. >> >> But, now: what we display on clients browser is: >> http://10.1.1.142/sgerror.php?url=http%3A%2F%2Fwww.blocked_site.com >> >> From command line: >> :~#echo "http://www.blocked_site.com 10.10.0.1/ - - GET" | >> /usr/local/ufdbguard/bin/ufdbgclient -d >> OK status=302 >> url="http://10.1.1.142/sgerror.php?url=http%3A%2F%2Fwww.blocked_site.com"; >> >> squid access log: >> 10.10.2.2 GET http://www.blocked_site.com/ HTTP/1.1 - 287 - >> "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, >> like Gecko) Chrome/43.0.2357.124 Safari/537.36" TCP_REDIRECT:HIER_NONE >> - www.blocked_site.com / - - - >> >> >> Is it possible to achieve the prevoius behavior? (display the blocked >> URL on clients browser address bar?) >> Thank you >> >> >> _______________________________________________ >> squid-users mailing list >> squid-users@xxxxxxxxxxxxxxxxxxxxx >> http://lists.squid-cache.org/listinfo/squid-users > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
