Re: [squid-users] [PATCH] Raw URL path ACL

From: Muthukumar <kmuthu_gct@dont-contact.us>
Date: Mon, 21 Jun 2004 16:19:12 +0530

> The attached patch against squid-2.5.STABLE5 adds a new ACL type called
> "urlpath_raw_regex".

The creation of a patch is good one.

> It works in exactly the same way as "urlpath_regex"
> except no unescaping of the URI is done first, which makes it possible to
> filter specific attacks that escape some characters in the URI without
> blocking legitimate requests.

If you use the uri_whitespace option with strip mode,it will be like that.

> I.e. you can filter URIs containing "%2easp" (the signature of some
> attacks) without blocking legitimate requests for ".asp"

We can use allow or encode mode there.

Regards,
Muthukumar.

---
===============  It is a "Virus Free Mail" ===============
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.708 / Virus Database: 464 - Release Date: 6/18/2004
Received on Mon Jun 21 2004 - 05:16:32 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:03 MDT