[squid-users] reply_body_max_size not always enforced
Eduard Weissmann
edi.weissmann at gmail.com
Fri Nov 1 13:42:36 UTC 2019
Oh.. of course! That was so silly of me.
Thank you.
On Fri, Nov 1, 2019 at 12:22 PM Matus UHLAR - fantomas <uhlar at fantomas.sk>
wrote:
> On 01.11.19 09:22, Eduard Weissmann wrote:
> >I've configured Squid to block large resources:
> >
> >reply_body_max_size 50 MB all
> >
> >Blocking works for some urls, (HTTP/1.1):
> >http://download.thinkbroadband.com/1GB.zip
> >
> >But it does not work for others (HTTP/2):
> >
> https://upload.wikimedia.org/wikipedia/commons/0/0b/Sandro_Botticelli_-_La_nascita_di_Venere_-_Google_Art_Project_-_edited.jpg
> >
> >I'm wondering: why is the second URL not blocked? Is it because the
> >response is HTTP/2?
>
> I assume it's not blocked because it's https, thus ('s' meas secure)
> encrypted and squid only sees TCP tunnel made through it, not any requests
> and responses, so it can't block either.
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> I just got lost in thought. It was unfamiliar territory.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20191101/cf3ad717/attachment.html>
More information about the squid-users
mailing list