Hello, Attached is a patch that allows using unquoted external ACL output in error pages. This is useful for external ACLs that return HTML and thus shouldn't be escaped.
Thank you, Nathan.
Add a new error page token for unquoted external ACL messages. This is useful for external ACLs that send back messages that contain actual HTML. This work is submitted on behalf of Bloomberg L.P. === modified file 'src/cf.data.pre' --- src/cf.data.pre 2016-04-01 17:54:10 +0000 +++ src/cf.data.pre 2016-04-05 23:25:41 +0000 @@ -7950,40 +7950,41 @@ DOC_START e.g. 404:ERR_CUSTOM_ACCESS_DENIED Alternatively you can tell Squid to reset the TCP connection by specifying TCP_RESET. Or you can specify an error URL or URL pattern. The browsers will get redirected to the specified URL after formatting tags have been replaced. Redirect will be done with 302 or 307 according to HTTP/1.1 specs. A different 3xx code may be specified by prefixing the URL. e.g. 303:http://example.com/ URL FORMAT TAGS: %a - username (if available. Password NOT included) %B - FTP path URL %e - Error number %E - Error description %h - Squid hostname %H - Request domain name %i - Client IP Address %M - Request Method + %O - Unescaped message result from external ACL helper %o - Message result from external ACL helper %p - Request Port number %P - Request Protocol name %R - Request URL path %T - Timestamp in RFC 1123 format %U - Full canonical URL from client (HTTPS URLs terminate with *) %u - Full canonical URL from client %w - Admin email from squid.conf %x - Error name %% - Literal percent (%) code DOC_END COMMENT_START OPTIONS INFLUENCING REQUEST FORWARDING ----------------------------------------------------------------------------- COMMENT_END NAME: nonhierarchical_direct === modified file 'src/errorpage.cc' --- src/errorpage.cc 2016-04-03 23:41:58 +0000 +++ src/errorpage.cc 2016-04-05 23:07:56 +0000 @@ -910,40 +910,42 @@ ErrorState::Convert(char token, bool bui case 'm': if (building_deny_info_url) break; #if USE_AUTH if (auth_user_request.getRaw()) p = auth_user_request->denyMessage("[not available]"); else p = "[not available]"; #else p = "-"; #endif break; case 'M': if (request) { const SBuf &m = request->method.image(); mb.append(m.rawContent(), m.length()); } else if (!building_deny_info_url) p = "[unknown method]"; break; + case 'O': + do_quote = 0; case 'o': p = request ? request->extacl_message.termedBuf() : external_acl_message; if (!p && !building_deny_info_url) p = "[not available]"; break; case 'p': if (request) { mb.appendf("%u", request->url.port()); } else if (!building_deny_info_url) { p = "[unknown port]"; } break; case 'P': if (request) { p = request->url.getScheme().c_str(); } else if (!building_deny_info_url) { p = "[unknown protocol]"; }
_______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev
