[squid-users] using request_header_replace option

[Amos Jeffries]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 18/11/2014 11:34 a.m., Fernandez-Touzon, Carlos E (CTR) wrote:
> I have two instances of Squid running:
> 
> 
> -        Squid v3.3.13 on Fedora 20
> 
> -        Squid v3.1.10-29 on RHEL 6.6
> 
> Both instances are configured with the following options:
> 
> request_header_access User-Agent deny all request_header_replace
> User-Agent someagent; (squid proxy header rewrite DID-IT)
> 
> The Fedora instance running v3.3.13 works just fine and rewrites
> headers like a champ.
> 
> The RHEL instance running v3.1.10 fails when I start squid with the
> following message:
> 
> 2014/11/17 17:28:18| cache_cf.cc(364) parseOneConfigFile:
> squid.conf:61 unrecognized: 'request_header_replace'
> 
> I suspected that it was because I am missing the
> -enable-http-violations option.  However, neither instance displays
> --enable-http-violations or -disable-http-violations when I run
> "squid -v".  Moreover, the squid.spec files for both RPMs did not
> include any reference to -enable-http-violation or
> -disable-http-violation.  Is "-enable-http-violations" the default
> config option?
> 
> Thoughts?
> 

The directive was added in 3.1.12.

Please upgrade. 3.1 is very old and buggy. Including a handful of
security CVE, though I think the -29 indicates they have patched those
out.

Details on how to upgrade beyond the outdated RHEL (and Fedora)
packages can be found here:
  http://wiki.squid-cache.org/KnowledgeBase/RedHat

Amos

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUaodiAAoJELJo5wb/XPRjWKEH/1+u6rt2pdmp2McXbPorGDRE
xZ0tNfUxku2eqY4OsACbjgGGpAeYmAb5lsrV2jYi+ev3zE5MC34736GYhJPEZ6Ma
SRSuqfHXMyRfr/ih2oprLnxxw2Fnyif2Q4bFH0AHVKT/oAF/7qksEYC8Tx3JnIXj
hFanxEQVh69SSARzXN/4y7uREIsvQ7kmEQZ9/Rqx3IxJx9PZfJpJxPqluoffEzkT
wn3FmDNIELE66OUceySHifQXYeoVrZfCpXi4VucWmzvzwvdQCUDIw+VjMapu9tXv
l6i/3GefHdIX+KfOaRwKPsiGWVzevwK0/LBJJt6YMyk8robVeObGhiFK+mpMjrs=
=RfjJ
-----END PGP SIGNATURE-----