[squid-users] Squid File Upload Blocking
Amos Jeffries
squid3 at treenet.co.nz
Wed May 8 01:50:41 UTC 2019
On 8/05/19 11:03 am, Fabricio Ferreira wrote:
> Hello Lukas,
>
> For sure Schroeffu is right. Without the SSL Interception (a.k.a. MITM –
> Man in the middle) squid can’t filter any HTTPS request as it doesn’t
> know what you have inside the SSL tunnel.
>
>
Also, in case the problem remains after SSL-Bump is done - the mime type
may not be set properly by the software doing the upload. Website upload
forms used to be particularly bad for that, but YMMV these days.
So you will want to set "debug_options 11,2" at the proxy for testing an
upload. The cache.log will then log a copy of the HTTP PUT/POST message
headers to see what mime types are actually happening and adjust your
blacklist appropriately.
HTH
Amos
More information about the squid-users
mailing list