Hi. Sorry with my poor English.
I (may be) found one bug in squidGuard-1.2.0 (and 1.1.4) - is not correct work with symbol "%HEXHEX" in URLs. To example - If URL is http://somewhere/somefile.mp3 - it's OK - URL blocked my ACL but if URL is http://somewhere/somefile.%6dp3 - URL is not blocked! I add line "\.%" in my expressionlist (look at bottom), but it's not work too! (also some users may use symbol "%" in any place expression :-( ) http://somewhere/somefile.%zz -URL blocked http://somewhere/somefile.%6dp3 - URL is not blocked! How can I block URL using "% HEX HEX" encoding? In RFC 1738 I read - "The Request-URI is transmitted as an encoded string, where some characters may be escaped using the "% HEX HEX" encoding defined by RFC 1738 [4]. The origin server must decode the Request-URI in order to properly interpret the request." Alexander ---------------------------------------------- It's my short test configs: squidGuard.conf --- dest deny_ext { expressionlist /usr/local/squidGuard/deny_ext redirect http://localhost/squidguard/de.html } acl { ortvnet { pass !deny_ext all } default { pass none } } --- file dest_ext --- \.% \.mp[2-3]($|\?+) --
