[squid-users] reverse proxy and HTTP redirects
Amos Jeffries
squid3 at treenet.co.nz
Thu Dec 5 10:48:11 UTC 2019
On 5/12/19 11:17 pm, Vieri Di Paola wrote:
> I could try to use a redirector with location_rewrite_program, but
> this directive is not available anymore.
> I presume I need to use url_rewrite_program instead.
No, that only re-writes the client requested URLs.
You can try using a rewriter on the external_acl_type helper interface.
Something like this (untested):
external_acl_type location_rewriter %<h{Location} /path/to/rewriter
acl bad_Location external location_rewriter
deny_info 302:%note{location-rewrite} bad_Location
acl 302 http_status 302
http_reply_access deny 302 bad_Location
The idea being that you pass the helper the Location header. If that
value is http:// it produces the new URL in a response like:
"OK location-rewrite=https://... \n"
otherwise:
"ERR"
Since this is a Cookie based login check, you probably need to also pass
the Set-Cookie header to the helper and forward it back out as another
kv-pair so the reply_header_add directive can add that header back onto
the new Squid generated 302 message.
Alternative to his would be an eCAP module that just re-writes the
Location headers in place. That would be simpler, but requires some
coding to create the module.
Amos
More information about the squid-users
mailing list