On 14.06.22 17:07, simwin wrote:
Hi! There is the problems with instagram - I can see only text without photos and videos. This is the errors in browsers console: 16:52:51.024 Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs. GyaOhXSa8tR.js:56:563
16:52:51.026 A request from an outside source is blocked: The Single source policy prohibits reading a remote resource on https://graph.instagram.com/logging_client_events . (Reason: CORS request failed). Status code: (null).
if a browser prohibits this, squid can't do anything with it. Have you tried without proxy?
16:53:17.750 A request from an outside source is blocked: The Single source policy prohibits reading a remote resource on https://scontent-hel3-1.cdninstagram.com/v/t51.2885-19/82690581_2710077395747525_6629318554367819776_n.jpg?stp=dst-jpg_s150x150&_nc_ht=scontent-hel3-1.cdninstagram.com&_nc_cat=105&_nc_ohc=ctOErYLKsNAAX9tXH6M&edm=AJ9x6zYBAAAA&ccb=7-5&oh=00_AT85lFWnwrBmMMuEgs_q4E2WyNALHSTtKfbcOwA0pfA1eA&oe=62AD7CD2&_nc_sid=cff2a4 . (Reason: CORS request failed). Status code: (null) My squid config, Debian 11: grep -vE '^$|^#' /etc/squid/squid.conf include /etc/squid/conf.d/*
is there anything in there?
http_port xxx.xxx.xxx.xxx:xxxx (hidden)
don't hide this. Hite the IP, not the rest.
sslproxy_cert_error allow all sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/spool/ssl_db -M 20MB
do you use ssl_bump?
request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all
first try commenting this out.
icap_enable off icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/request icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/response icap_class class_req service_req icap_class class_resp service_resp icap_access class_req allow all icap_access class_resp allow all
then try without icap -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Despite the cost of living, have you noticed how popular it remains? _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
