[squid-users] Squid as reverse proxy and image theft protection

Amos Jeffries squid3 at treenet.co.nz
Thu Jan 22 09:55:36 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 22/01/2015 10:25 p.m., thane at SDF.ORG wrote:
> Dear Jeffries,
> 
> I thank you for your answer. Is possible in your opinion manage
> also Cookie with an expiration time? Because if I understood
> correctly your suggestion works great until the users share with
> some attacker the cookie. The attacker could reuse this cookie to
> download freely the images from the site. Right?
> 

It can do whatever you code the helper to do. Squid can only pass the
Cookie header (as a whole) to the helper and use its result as to
whether to accept of deny the request.

Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUwMkYAAoJELJo5wb/XPRj/4UH/RfVN21VIqQgVASNc2fxpJkC
XPDI0jzHpwhYvfiqAsWmbQDeaKvwUSVEd0CX/gg8cM/4TmrF1IWgp+hhP/lUCwyV
sPlyY4Df7cNonkfDpmOm0+gZdK99gB+F56cwkitvdfg15y1NbDdvxMg+1E+/LavO
B3kkEZRphNek6rGf3fgM2sSzEmWDtjhFqPdqx5nIJyRbqTWBfM862ay7aLMyiGDE
WiIMlsSr5RYAg+BopOPguE8rj+FW0fzxbDKFD2F4H06AClPKC6nAYP2NKwd0fNhw
rEk8w4xuuRsei6K1b7LUVDRLWtRHTeijD6O3sbmm4gIcOb1s79kV0uUjSvVGhZI=
=Z/UM
-----END PGP SIGNATURE-----


More information about the squid-users mailing list