John Doe wrote:
> Hi,
>
> I need to use an external program to potentially replace images requests, based on the referers, but url_rewrite does not pass the referer.
> It is for people direct linking images on many external sites/forums.
> I need the referer because the images seen directly on our site should not be replaced.
> Would a combination with external_acl do the trick?
Yes it would. However keep in mind that the referer header can be easily
forged and get past this type of protection.
>
> external_acl_type abuser children=5 %SRC %{Referer} "/squid/abuse.php"
> url_rewrite_access allow abuser
> url_rewrite_access deny all
>
> The thing is, I need also to rewrite legit URLs in some other cases...
> Can I have more than one url_rewrite blocks?
>
> url_rewrite_program "/squid/abuse_rewrite.php"
> url_rewrite_children 5
> url_rewrite_concurrency 0
> url_rewrite_host_header off
> url_rewrite_access allow abuser
> url_rewrite_access deny all
>
> url_rewrite_program "/squid/oldurl2newurl.php"
> url_rewrite_children 5
> url_rewrite_concurrency 0
> url_rewrite_host_header off
> url_rewrite_access allow all
>
You will find its often better to redirect users with 302.
That can be done most efficiently like so:
acl oldURL ...
deny_info http://new.location oldURL
http_access deny oldURL
can be done seperately to cover as many different redirections and cases
as you need.
Amos
-- Please use Squid 2.7.STABLE3 or 3.0.STABLE8Received on Wed Aug 13 2008 - 07:28:27 MDT
This archive was generated by hypermail 2.2.0 : Wed Aug 13 2008 - 12:00:03 MDT