Is it possible to send custom HTML messages to users when they first start a
session through a squid proxy server?
I want to be able to redirect a users first request to the "message of the
Day".... then the rest of their browsing requests for the remainder of the
session go without being redirected.....
Detailed Steps:
User opens browser. (Browser is configured to use the Squid Proxy)
User opens http://google.com (or other url of their choice)
Instead of getting Google.com they are redirected to http://somewhere.else.com/MOD.html
User reads the MOD
User types http://google.com again (or other url of their choice) This time
the browser goes to the correct destination with no redirection.
Would I have to develop or locate a Squid Proxy Server Plug-in to perform this
kind of action or is this something the SQUID server can do with a little custom
code?? (Perl etc)
There's a line in the squid conf you can add like redirect_script. Write a Perl program that takes input - one URL per line. It outputs the url you are going to redirect the user to. The UpsideDownTernet script is an example.
Now change the script to output your MOTD the first time, and every other time just echo the URL back.
The problem is, how do you tell user requests apart? Well at this point you need to use a redirect_program line instead of redirect_script...
Squid will pass in several arguments to the program:
URL ip-address/fqdn ident method
URL is the URL requested
ip-address/fqdn is the IP address or fully qualified domain name of the client (web browser) which requested the page.
ident is the identity of the user running the web browser. Unless you configure squid to do ident lookups, this will be "-".
method is the request method: "GET", "POST", "HEAD"
Reference: http://taz.net.au/block/
At that point you can modify your script to determine the "timeout" each user gets between seeing the MOTD (e.g. if he doesn't visit a website for 12 hours, he gets the message) or whatever.
I came across a good book on Squid titled Squid Proxy Server 3.1: Beginner's Guide by Packt. You can read more about it here https://www.packtpub.com/squid-proxy-server-31-beginners-guide/book. Maybe it will come in handy
Related
Fiddler core .net api proxy server captures network traffic.
how to redirect any http/https url to another site.?
suppose if I browse yahoo.com, then proxy server should redirect to another site such as wikipedia.com. Browser should open wikipedia instead of yahoo.com.
how to block any web site.?
suppose when I hit espncricinfo.com in browser, then site must be blocked and stopped its session
These topics are well-covered in the Fiddler book and in numerous tutorials around the web.
Inside your BeforeRequest handler, add code that examines the request and returns a redirect (or an error page)
if (oSession.urlContains("whatever"))
{
oS.utilCreateResponseAndBypassServer();
oS.oResponse.headers.SetStatus(307, "Redirect");
oS.oResponse["Cache-Control"] = "nocache";
oS.oResponse["Location"] = "http://newurl/";
oS.utilSetResponseBody("<html><body>sending request elsewhere</body></html>");
return;
}
I want to Do a proxy redirect from perl. I have been using Location Header to redirect.
print ("Location: http://www.example.com\n");
The problem with this is the url on the client side changes to a new one (i.e. www.example.com ). I don't want that to happen, so that the end user is unaware of the location we are serving the request from.
If the client is going to do the fetching, it's going to show the URL it's fetching unless the page being fetched is embedded in another page (e.g. by using an iframe). And even then, it's very easy for the user to discover the url if they look.
If instead you do want to a be a proxy (and by all indication you are), which is to say you want to fetch a doc and return it to the client, well, you have to start by fetching the doc you want to return to the client.
Note that you can configure apache to act as a proxy.
Looking through some legacy code I have in front of me using struts one, I see:
<global-forwards>
...
<forward name="accessDenied" path="/www/jsp/AccessDeniedForm.do" redirect="true" />
</global-forwards>
So it's just a global forward to send to a access denied page.
I am curious about the decision to redirect as opposed to forward. What are the advantages and disadvantages of using it?
What are the pro's and con's of using it?
Before discussing pro's and con's of using that forward element with redirect set to true, let's understand what is actually going on with that configuration. When redirect is set to true in the forward element, a redirect instruction should be issued to the user-agent so that a new request is issued for this forward's resource. This link will probably provide detail information that you need.
The default value for redirect is to false, essentially when the forward element is called, it forward to that path specified and that's it. If you are setting redirect to true, take for example, the browser will make another request. So I think with these said, you probably know or have an idea the pro and con if you really want to use it.
In redirect, the control can be directed to different servers or even another domain name.The redirect takes a round trip.When a redirect is issued , it is sent back to the client , and redirected URL information is in the header instructing the browser to move to the next URL. This will act as a new request and all the request and response data is lost.
In forward , the forwarding is done from server side , the client browser URL do not change.the data is also not lost.It is just like a browser page refresh. Whatever data posted in the first submit is resubmitted again.So use it with caution.
Both forward and redirect are used in different scenarios ,the global forward should be redirect because it is an error situation.
Redirect is slower as it needs a roundtrip.Forwards are faster.
If you specify
redirect="true", Struts uses a client-side redirect
[response.sendRedirect()]
. The JSP will be invoked by a new browser request, and any data stored in the old request will be lost.
I am wondering if there is a way to get facebook user profile image's real url in https.
Like I use https://graph.facebook.com/20926460/picture to get a the profile image,
It will redirect to http://profile.ak.fbcdn.net/hprofile-ak-snc4/41539_20926460_5421452_q.jpg.
Is there a way to get the "https" version of the second url? or is the url existing?
This might have changed in the docs since you last looked, I know everyone got excited about https after that snooping tool came out.
"If you need a picture to be returned over a secure connection, you can set the return_ssl_resources argument to 1: https://graph.facebook.com/xx_userid_xx/picture?return_ssl_resources=1."
Hopefully that won't redirect you.
Update 10 sept 2012
https://graph.facebook.com/20926460/picture now redirects to https urls.
You can just replace http by https in the target url but keep in mind that it is only temporary and may time out.
there is also no valid ssl certificate, but if you ignore that, the file will be served.
if you need a valid certified https url for pictures you need to set up a proxy script on your server that passes through the file.
edit:
as for your comment here is an example of what i meant by "proxy script".
you can put it on your server and request it with whatever protocl/scheme you like.
just like it was a local picture. you should probably validate the mime type. do some error handling and prevent injections etc. but just to give you ap icture:
<?
header("Content-Type: image/jpeg");
echo file_get_contents('https://graph.facebook.com/'.intval($_GET["id"]).'/picture');
fyi i put the int cast there to prevent injection hacking.
script is untested but should work as file_get_contents will follow redirects.
I need to include some secure (BASIC authentication) application.
when I open the application URL in the browser, the browser asks me to enter your credentials ...
what I know is that:
The browser ask the server to get
some URL -- the url of the app
The server checks the request header
for the Authentication header and
didn't find it
The server sends 401 to the
browser back
The browser interpret this response
code into a message dialog that
shows to me asking me to enter the
username/password to send back to
the server in the Authentication
request header
So far... so good, I can write some page (in JSP) that send this required http request header to the request that is calling this page..
So I'll call this application through my page..
The problem here is, this application (in fact a GWT application) contains a reference to some Javascript and CSS files that is coming from the server that hosts this application. the application page that I import looks like:
<html>
<link href="http://application_host/cssfile.css" />
<link href="http://application_host/javascriptfile.js" />
.....
</html>
So, again I found the application asks me for the authentication crenditals for the css and js files!
I am thinking of many solutions but don't know the applicability of each
One solution is to ask the browser
(via Javascript) to send the request
header (Authentication) when he
asks the server for the js and css
files
please give me your opinions about that... and any other suggestions will be very welcomed.
Thanks.
I think you're running into some weirdness with how your server is configured. Authentication happens in context of a authentication realm. Your assets should either be in the same authentication realm as your page, or (more likely) should not require authentication at all. The browser should be caching credentials for the given realm, and not prompt for them again.
See the protocol example on http://en.wikipedia.org/wiki/Basic_access_authentication
Judging from your story, something tells me your problem is with the authentication method itsef. Not how to implement it. Why do you want to bother with the request header so much?
As far as i know, you can configure your container (ie Tomcat) to force http authentication for certain urls. Your container will make sure that authentication has taken place. No need to set http headers yourself whatsoever.
Perhaps you can explain a bit better what you are trying to achieve, instead of telling implementation details?
Why css & js files are kept in protected area of server? You need to place files into public area of your server. If you don't have public area, so you nead to prpvide for it. how to do it depends from serverside software architecture & configuration.