I use a pattern of
\.bz2(\?.*)?$
Which matches '.bz2' at the end of a URL or '.bz2?' followed by anything.
The un-escaped '?' matches 0 or 1 occurrence of the pattern in parenthesis, which in
this case is a question-mark followed by zero or more characters.
Mike Mitchell
-----Original Message-----
From: Herman (ISTD) [mailto:[EMAIL PROTECTED]
Sent: Friday, April 16, 2004 11:07 PM
To: Adam Aube; [EMAIL PROTECTED]
Subject: RE: [squid-users] Re: Help, Squid ACL regex_url BYPASSS
Thank you all,
At last, I just use \.bz2 entry, since the user may just put ?? or ???
behind the URL.
Regards,
herman
> -----Original Message-----
> From: Adam Aube [mailto:[EMAIL PROTECTED]
> Sent: Friday, April 16, 2004 7:44 PM
> To: [EMAIL PROTECTED]
> Subject: [squid-users] Re: Help, Squid ACL regex_url BYPASSS
>
> Herman (ISTD) wrote:
>
> > Currently, I am preventing my users for downloading some files e.g
file
> > with .bz2 extention.
>
> > In squid.conf I define as following :
> > acl BadUrl url_regex -i
"/usr/local/squid/etc/data/BadUrlFile"
>
> > Add I add this entry to /usr/local/squid/etc/data/BadUrlFile :
> > \.bz2$
>
> > But some of the users did some trick by adding ? or ?/ in the URL
>
> > And they successful to bypass my ACL and download the files they
wanted.
>
> > I have try to add "\.bz2?$" and "\.bz2?/$" in to
> > /usr/local/squid/etc/data/BadUrlFile file. But it does not work.
>
> Like with the '.', you need to escape the '?' and '/' with a '\'.
>
> Adam
