[squid-users] [PATCH] Raw URL path ACL

From: Steve Hill <steve@dont-contact.us>
Date: Mon, 21 Jun 2004 11:06:27 +0100 (BST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The attached patch against squid-2.5.STABLE5 adds a new ACL type called
"urlpath_raw_regex". It works in exactly the same way as "urlpath_regex"
except no unescaping of the URI is done first, which makes it possible to
filter specific attacks that escape some characters in the URI without
blocking legitimate requests.

I.e. you can filter URIs containing "%2easp" (the signature of some
attacks) without blocking legitimate requests for ".asp"

- - Steve Hill
Senior Software Developer Email: steve@navaho.co.uk
Navaho Technologies Ltd. Tel: +44-870-7034015

        ... Alcohol and calculus don't mix - Don't drink and derive! ...

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Public key available at http://linux.navaho.co.uk/pubkey.steve.txt

iD8DBQFA1rMmb26jEkrydY4RAt9pAJ40O6/2GXt1NdFxxURN6PXnmsV2egCcDAJ/
mKOZSgLoy6uL8x7hhbl1Co0=
=CmX/
-----END PGP SIGNATURE-----

Received on Mon Jun 21 2004 - 04:06:43 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:03 MDT