Re: [squid-users] urlpath_regex doesn't match

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Thu, 16 Mar 2006 19:09:55 +0100

tor 2006-03-16 klockan 17:54 +0100 skrev Christoph Haas:

> Just one hint: Squid is bad at checking the content of HTTP objects. Unless
> you use another proxy that can handle content better you will need to rely
> on what the web server is sending you. The Content-Diposition header might
> work here but is IMHO rather made for MIME parts of email messages rather
> than being used in HTTP communication.

It's used for almost every download service, as it instructs the browser
to save the object to disk rather than trying to display it and by what
name the object should be saved.

Without the content-disposition header the browsers guesses what should
be done with the object based on the content-type, content and prior
experience of the users preferences, and what name it should have based
on the URL.

But no, it isn't an official HTTP header. But the HTTP standard does
document the defacto common practise about using this header, and all
major browser vendors have selected to implement it.

> But whatever header field you check: you are always relying on the web
> server administrators classification of files.

True, but as most focus on making the user experience relatively good
making these kinds of hints is in fact quite good for "normal" sites.

The evil sites is not much you can do about, except blocking them when
found and educating your users on acceptable usew of internet etc. But
determined users or web masters will always find ways around nearly any
block you make.

The without doubt most important step to take when starting to filter
Internet content and restricting access is to make sure there is a clear
policy on acceptable internet usage, and that your users are aware of
the policy and the penalties of not obeying the policy. Without this in
place all you accomplish is annoyed users and a war for finding ways
around whatever block/filter you set up.

With this in place even very simple blocking/filtering methods becomes
very effective as all the blocking/filtering method then needs to do is
to act as a gentle reminder that there is limits on what is considered
acceptable so people not unintentionally stray off too far from the
policy.

The "bad" users who intentionally violate the policy has to be hunted
down manually in either case by keeping statistics and regularily
auditing the Internet usage. Here statistics from the block/filter is
again quite valueable as it can provide one hint on which users needs to
be investigated more closely as users often getting caught in the
block/filter probably isn't acting in a good manner. But it should not
be the only method used.

Regards
Henrik

Received on Thu Mar 16 2006 - 11:10:00 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST