On 11/18/20 3:20 PM, robert k Wild wrote: > can i use the acl "reply_header_access" to block downloads, like i have > done with the " rep_mime_type " or is this not what its meant for Roughly speaking, ACL is a boolean function -- something that gives Squid a yes/no answer to an ACL-specific question. A typical ACL can be used in many contexts, for many purposes. By itself, an ACL does not block or allow anything. Unfortunately, folks sometimes misuse the term "ACL" to mean "an ACL-driven directive". * rep_mime_type is an ACL. The question this particular ACL answers is "Does the response have the specified Content-Type header field value?" * reply_header_access is not an ACL. It is an ACL-driven directive (i.e. a directive that accepts ACLs as configuration parameters). This particular directive does not block any responses. Instead, it prevents individual response header fields from being delivered by Squid to HTTP clients. It does not affect responses received by Squid -- beyond sending bytes to clients, Squid does not see the effects of this directive when processing the response. For example, Squid code responsible for storing responses in the cache is executed before this directive is applied. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
