[squid-users] Disable 302 redirect in squid, but only to http://eais.rkn.gov.ru

Alex Rousskov rousskov at measurement-factory.com
Thu Sep 12 13:07:33 UTC 2019

On 9/12/19 1:25 AM, Amos Jeffries wrote:
> On 12/09/19 7:45 am, Igor Rylov wrote:
>> After I've wrote my question, I thought, if it's possible to to do it with:
>> acl sites_blocking_redirect url_regex BLOCKER
>> reply_header_access Location deny sites_blocking_redirect
>> Is it a workable or the correct way to do it, so it solves my problem?

> It is close. That would stop the Location header getting to the client

The url_regex ACL matches the request URL, and the request URL is not
BLOCKER in this example. I would use the rep_header ACL instead.


> Browser. But the 302 status still will, and given that the Browser back
> button functionality is not working like it used to (a browser bug?),
> the full result may still not be worth it.
> I would use the http_reply_access to deny instead. That way the client
> gets a 403 status from Squid and definitely none of the upstream's redirect.
> If you want to be more fancy than 403, the current Squid can attach a
> deny_info to the ACL to make the denial have 451 status with custom
> template page explaining the block to any user that sees it.
>  (Which is what your upstream should have been doing.)
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list