On 9/12/19 1:25 AM, Amos Jeffries wrote: > On 12/09/19 7:45 am, Igor Rylov wrote: >> After I've wrote my question, I thought, if it's possible to to do it with: >> >> acl sites_blocking_redirect url_regex BLOCKER >> reply_header_access Location deny sites_blocking_redirect >> >> Is it a workable or the correct way to do it, so it solves my problem? > It is close. That would stop the Location header getting to the client The url_regex ACL matches the request URL, and the request URL is not BLOCKER in this example. I would use the rep_header ACL instead. Alex. > Browser. But the 302 status still will, and given that the Browser back > button functionality is not working like it used to (a browser bug?), > the full result may still not be worth it. > > I would use the http_reply_access to deny instead. That way the client > gets a 403 status from Squid and definitely none of the upstream's redirect. > > If you want to be more fancy than 403, the current Squid can attach a > deny_info to the ACL to make the denial have 451 status with custom > template page explaining the block to any user that sees it. > (Which is what your upstream should have been doing.) > > Amos > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users > _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
