Search squid archive

Re: Content injection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 01/10/17 16:12, Alex Rousskov wrote:

On 09/30/2017 07:44 PM, stern0m1 wrote:


I am looking for a proxy that can inject content easily. Static content to
every HTML document.
Can I do this easily with squid?


You can inject some "HTML documents" using Squid combined with an eCAP
or ICAP content adaptation service, but it is not going to be easy, and
you cannot inject documents delivered over secure connections to web
clients that pin origin server certificates. For more information, see

   * http://wiki.squid-cache.org/SquidFaq/ContentAdaptation
   * https://answers.launchpad.net/ecap/+faq/1793

Alex.


For the record:
Please be aware that HTTP documents are protected by international copyright laws. Altering other peoples content is illegal in all countries signatory to the Berne Convention and many other countries individual copyright laws as well.
HTTP forms an informal contract for redistribute and copy permission, not for alteration or derivative work permissions. Unless you have written consent from the HTML document creators explicitly giving permission to alter the substance of their content it is legally considered "copyright piracy" or whatever the local laws wording is.
Actions like [un]compression of the content do not change its bytes, so are okay. But adding or removing bits from the HTML text is using their content to generate a derivative work - for which permission is NOT granted implicitly.
The legally safe way to inject notices to clients into traffic is to use splash page mechanisms. Where the client periodically gets delivered a 511 status code with your message on a page you created instead of the item they requested. You just need to make sure to detect points in the trafffic which actually reach users eyeballs, and a way for them to continue on to get what they wanted earlier. Quite a lot of HTTP traffic (~80% IIRC) is software<->software and never reaches any user eyeballs.
You can modify the splash page approach by having your page use an iframe to embed the original requestors response. Publishers can explicitly indicate whether they grant permission for that to be done (eg opt-out). 

Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux