Quantcast

URL bad rewritten using directive "deny_info"

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

URL bad rewritten using directive "deny_info"

javier.sanchez@coam.org


    Hi all.


    I using squid 3.4.8 over Debian as reverse proxy in order to protect with SSL some of our servers.


    I have an issue when I try to "redirect" to port 443 users that try to connect to port 80.


    As is said here (http://lists.squid-cache.org/pipermail/squid-users/2016-September/012669.html), we use this lines in our configuration.

[...]
http_port 80 accel vport
acl HTTP proto HTTP
deny_info 301:<a class="moz-txt-link-freetext" href="https://%H%R">https://%H%R HTTP
http_access deny HTTP
[...]


	It works and send a 301 reply to the client, but the problem is that it changes the requested URL. Particularly it changes "&" for "&amp;"

	
	This is a real example:

	The client request next URL on port 80:

http://masivos.coam.org/Masivos/URLProcesador?id_envio=2689&token=20161202122625195AMVnxAmHS2lwgc5JoFd2HCHi9fBipvoesVlpMWw3RpJ5yratkcx3ucbBRwpHPs1pNouvpP99UuWWxn359pnXnetQKrekCDZjCo65&id=0&semilla=20150710135955907GDEjFCZNveaoPsXs34Npc2JUQWF3PcCFjcAadFbToAFCqfQqX3cS6xeyh5NVEb31tNa4YqtE9pWFFxoqnT6wWhTrbMNEVKp7guyx&email=prueba2@...

	The client receives 301 error code requesting him to go to:

https://masivos.coam.org/Masivos/URLProcesador?id_envio=2689&amp;token=20161202122625195AMVnxAmHS2lwgc5JoFd2HCHi9fBipvoesVlpMWw3RpJ5yratkcx3ucbBRwpHPs1pNouvpP99UuWWxn359pnXnetQKrekCDZjCo65&amp;id=0&amp;semilla=20150710135955907GDEjFCZNveaoPsXs34Npc2JUQWF3PcCFjcAadFbToAFCqfQqX3cS6xeyh5NVEb31tNa4YqtE9pWFFxoqnT6wWhTrbMNEVKp7guyx&amp;email=prueba2@...


    How can I solve that? Is this a bug or something that can be solved changing configuration.


    Thank you.


--

Javier

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: URL bad rewritten using directive "deny_info"

Amos Jeffries
Administrator
On 26/01/2017 1:00 a.m., javier.sanchez wrote:
>
>     Hi all.
>
>
>     I using squid 3.4.8 over Debian as reverse proxy in order to protect
> with SSL some of our servers.
>

<snip>
>
>     How can I solve that? Is this a bug or something that can be solved
> changing configuration.

Please try the Debian backports package of the 3.5 version.

If the issue remains, then you may have to use url_rewrite_program with
a helper to do the redirection instead of deny_info.

Have the helper produce the same 301:https://... URLs that deny_info
should have, and the http_access to allow HTTP traffic.
 That helper interface is a bit slower but will definitely work.

Amos

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Loading...