[squid-users] Squid and c-icap's srv_url_check module

[Amiq Nahas]

On Wed, Jun 17, 2020 at 8:28 PM Amos Jeffries <squid3 at treenet.co.nz> wrote:
>
> > Browser does prompt for user credentials just like the squid.conf is
> > configured to do, but it is not blocking websites.
> >
> > However, when I execute c-icap-client from command line it blocks the
> > blocklisted websites.
> > To check with c-icap-client I have used the below command:
> > `c-icap-client -s url_check -x "X-Authenticated-User: dXNlcjE=" -req
> > "https://www.facebook.com/" -v`
> >
> > So if the blocking from c-icap client is working but blocking from
> > browser is not working then
>
> Please define "blocking from c-icap"
> Please define "blocking from browser"

Squid is being used as a manual proxy at localhost:3128 in firefox,
and as a way of authenticating a user (proxy authentication), in my
case I am the sole user.
Squid is configured and is being used by the browser on the same machine.

When I said blocking from browser is not happening,
I meant that when I use the browser to access a website it is not blocked,
where as, when c-icap-client is used to make a request using the command
`c-icap-client -s url_check -x "X-Authenticated-User: dXNlcjE=" -req
"https://www.facebook.com/" -v`
I get the response saying the website is blocked.

ls> > So what could be it? Please let me know if any other piece of
> > information is required, I am not sure what else could be of use.
> >
>
> Log trace(s) from a transaction that you think is failing to start with.
> Squid access.log and c-icap log. Maybe a Squid cache.log trace with
> debug_options 11,2 or ALL,2

Squid logs access.log and cache.log do contain the logs of requested
websites requested via browser.
I enabled debug_options ALL,2 and here are the logs:
access.log: https://paste.debian.net/1152807/
cache.log: https://justpaste.it/45fca