On Wed, 23 Jun 2004, Steve Hill wrote:
> The attached patch adds a new ACL type called "urlpath_raw_regex". It
> works in exactly the same way as "urlpath_regex" except no unescaping of
> the URI is done first, which makes it possible to filter specific attacks
> that escape some characters in the URI without blocking legitimate
> requests.
Many thanks for your patch.
The acl added looks quite useful even if I am not sure if it should be
done as a separate ACL or simply as a flag to the existing acl.
On a further note a similar (but different) problem also exists for the
dstdomain and dstdomain_regex acl where one may want per acl to
enable/disable the reverse lookup of IP addresses to match the domain.
Note: I have taken the liberty to attach your previous Squid-2.5 patch for
the archives.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Wed Jun 30 2004 - 12:00:03 MDT