urlpath_regex negative assertions

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

urlpath_regex negative assertions

Vieri
Hi,

I'd like to block access to URLs ending in *.dll except for those ending in mriweb.dll.

acl denied_filetypes urlpath_regex -i denied.filetypes

where denied.filetypes contains a list of expressions of which:

(\?!mriweb\.dll$).*\.dll$

This doesn't seem to work if I try to deny access.
eg. an http client can access http://whatever/mriweb_test.dll when it shouldn't.

Where's my mistake?

Thanks,

Vieri
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: urlpath_regex negative assertions

Antony Stone
On Monday 18 September 2017 at 09:43:12, Vieri wrote:

> Hi,
>
> I'd like to block access to URLs ending in *.dll except for those ending in
> mriweb.dll.
>
> acl denied_filetypes urlpath_regex -i denied.filetypes
>
> where denied.filetypes contains a list of expressions

Are the others working?

> of which:
>
> (\?!mriweb\.dll$).*\.dll$

You have that regex all on one line?

> This doesn't seem to work if I try to deny access.
> eg. an http client can access http://whatever/mriweb_test.dll when it
> shouldn't.
>
> Where's my mistake?

You need to have each possible matching regex on a separate line in the file.


Antony.

--
How I want a drink, alcoholic of course, after the heavy chapters involving
quantum mechanics.

 - mnemonic for 3.14159265358979

                                                   Please reply to the list;
                                                         please *don't* CC me.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: urlpath_regex negative assertions

Amos Jeffries
Administrator
On 18/09/17 21:04, Antony Stone wrote:

> On Monday 18 September 2017 at 09:43:12, Vieri wrote:
>
>> Hi,
>>
>> I'd like to block access to URLs ending in *.dll except for those ending in
>> mriweb.dll.
>>
>> acl denied_filetypes urlpath_regex -i denied.filetypes
>>
>> where denied.filetypes contains a list of expressions
>
> Are the others working?
>
>> of which:
>>
>> (\?!mriweb\.dll$).*\.dll$
>
> You have that regex all on one line?
>
>> This doesn't seem to work if I try to deny access.
>> eg. an http client can access http://whatever/mriweb_test.dll when it
>> shouldn't.
>>
>> Where's my mistake?
>
> You need to have each possible matching regex on a separate line in the file.
>

Also the '\' in '\?' makes it mean exact character match - any special
meaning (like doing a lookahead) is prevented.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: urlpath_regex negative assertions

Vieri

________________________________
From: Amos Jeffries <[hidden email]>
> any special meaning (like doing a lookahead) is prevented.


OK, so I'll do an acl for deny and another for allow.

Thanks
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users