Re: [squid-users] Problems using proxy_auth and url_regex

From: Olivier JAVAUX <olivier.javaux@dont-contact.us>
Date: Thu, 30 Jan 2003 10:01:14 +0100

The rules are OK.
My problem is that, when an URL is denied due to the rules,
  it is considered from the browser as an authentication failure,
  and the browsers asks for authentication again.
And that for each URL which is denied.

For instance, I have a page to an allowed site, which contains
  5 images from an ad. site, which is denied.
The user will have the authentication popup at least 5 times !!!

If I don't use the proxy_auth rules, there is no problem: the URLs
  which are denied are not displayed, without any user intervention.

Is there a way to return a deny status such that nothing is asked
  to the user for authentication ??????

Henrik Nordstrom wrote:
>
> ons 2003-01-29 klockan 12.37 skrev Olivier JAVAUX:
> > Hello,
> >
> > I want to limit the sites for some users.
> >
> > So, I have rules like :
> >
> > acl test11 url_regex -i ^http://[^/]*hp\.
>
> what is wrong with using a dstdomain_regex here?
>
> acl test11 dstdomain_regex hp\.
>
> Hmm.. are you sure this is what you want to match?
>
> > acl test12 proxy_auth foo
> >
> > http_access allow test11 test12
> > http_access deny test12
> >
> >
> > The problem is that, when you go to hp.com (for instance),
> > you get banners from other sites (akamai for instance).
> > Then, the browser complains about authorization failure and
> > asks for username/password again, and again...
> >
> > Is there a way to deny the access for the sites without complains
> > from the browser with authentication popup ??????
>
> You might be able to set up some ugly rules via referer_regex to allow
> linked content from allowed sites..
>
Received on Thu Jan 30 2003 - 02:00:21 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:59 MST