[squid-users] Inject a banner on a couple of sites
Alex Rousskov
rousskov at measurement-factory.com
Fri Feb 5 20:15:49 UTC 2016
On 02/05/2016 02:58 AM, Travel Factory S.r.l. wrote:
> I need to inject some javascript to show some warnings to my users when
> they access a couple of external web sites.
>
> Is it possible to use squid for this, perhaps together with an icap server?
As Eliezer has answered already, yes, this is possible with ICAP or
eCAP. Eliezer answer focused on security implications that are probably
irrelevant to you (since you are the one doing the injection). The
following eCAP FAQ answer describes some technical challenges which will
be very relevant if you decide to do this:
https://answers.launchpad.net/ecap/+faq/1793
Factory has an eCAP adapter that has to deal with the above
complications, so I know first-hand that some of them are impossible to
overcome in some cases. On the other hand, if you need something that
works in 90+% of common cases, it is doable to achieve that level of
injection reliability [with some non-trivial eCAP and Javascript
development work].
Please note that if you plan to inject responses from SSL/TLS-protected
origin servers, then you cannot do that unless you are also willing to
use SslBump (which comes with its own huge bag of headaches and
limitations). This limitation is unrelated to eCAP/ICAP.
Finally, if you are really dealing with just "a couple of sites", then
there might be overall better ways to generate warnings for your users
visiting those sites (without modifying origin server responses). If you
detail your use case, somebody on this mailing list might find a better
solution for you.
HTH,
Alex.
More information about the squid-users
mailing list