[squid-users] blocking mime types works for adobe, not for teams
squid3 at treenet.co.nz
squid3 at treenet.co.nz
Wed May 26 23:33:23 UTC 2021
On 2021-05-27 06:58, robert k Wild wrote:
> found a really good website to check http headers and i found the mime
> type
>
> https://gf.dev/http-headers-test
>
> On Wed, 26 May 2021 at 15:11, robert k Wild wrote:
>
>> hi all,
>>
>> i have in my squid config this
>>
>> #deny MIME types
>> acl mimetype rep_mime_type "/usr/local/squid/etc/mimedeny.txt"
>> http_reply_access deny mimetype
>>
>> mimedeny.txt
>>
>> application/octet-stream
>> application/x-msi
>> application/zip
>> application/x-7z-compressed
>> application/vnd.ms-cab-compressed
>>
>> it works as it blocks adobe reader download, but the url has an exe
>> at the end so maybe this is why
No. Mime type is unrelated to any characters in the URL.
>>
>> https://admdownload.adobe.com/bin/live/readerdc_uk_d_crd_install.exe
>>
This response has "Content-Type: application/octet-stream" which is
listed in your blocklist.
>> but it doesnt block ms teams from downloading
>>
>>
> https://go.microsoft.com/fwlink/p/?LinkID=869426&clcid=0x809&culture=en-gb&country=GB&lm=deeplink&lmsrc=groupChatMarketingPageWeb&cmpid=directDownloadWin64
>>
>> it just doesnt intercept the download at all and gives me the option
>> to "save file" its an exe
>>
>> do you think this is because its a direct download link?
No. It is because the mime type is still not in your blocklist.
The tool at <https://redbot.org/> tells me the download is hidden behind
a number of redirections then eventually the actual resource comes up
with a "Content-Type: application/x-msdownload" header.
HTH
Amos
More information about the squid-users
mailing list