On 27.07.06 16:33, amit ash wrote:
> I was just searching on how to block file download through squid
> and got my hands on the code below. I implemented it on my linux
> server [suse 10 - squid 2.5] and it worked. I have read many
> querries in this forum regd this same issue so posting it for
> everyone.
You probably missed that many people avoid this problem by downloading files
like "http://some.example.com/file.exe?" which, of course, does not match
your regexps.
Also, there are scripts that provide you content like
"http://other.example.com/getit.php?id=0956189576" which results in saving
"file.exe"
Note: there is nothing like "file download" in HTTP.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
You always request for an object. It's only browser's decision what to do
with it, and browser usually knows that after if downloads the file (at
least its headers)
If you want your users deny certain kind of files, you must use real content
filter.
-- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Eagles may soar, but weasels don't get sucked into jet engines.Received on Fri Jul 28 2006 - 01:23:35 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:02 MDT