This patch is generated from the deny_info_url-1 branch of HEAD-1 in squid Sun Jan 25 14:43:44 2004 GMT See http://devel.squid-cache.org/ Index: squid/src/cf.data.pre diff -u squid/src/cf.data.pre:1.54 squid/src/cf.data.pre:1.43.4.5 --- squid/src/cf.data.pre:1.54 Sun Feb 24 19:15:33 2002 +++ squid/src/cf.data.pre Mon Apr 1 14:11:12 2002 @@ -2526,6 +2526,7 @@ DEFAULT: none DOC_START Usage: deny_info err_page_name acl + or deny_info http://... acl Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys This can be used to return a ERR_ page for requests which @@ -2535,6 +2536,13 @@ You may use ERR_ pages that come with Squid or create your own pages and put them into the configured errors/ directory. + + Alternatively you can specify an error URL. The browsers will then + get redirected (302) to the specified URL. %s in the redirection + URL will be replaced by the requested URL. + + Alternatively you can tell Squid to reset the TCP connection + by specifying TCP_RESET. DOC_END NAME: memory_pools Index: squid/src/enums.h diff -u squid/src/enums.h:1.31 squid/src/enums.h:1.27.4.3 --- squid/src/enums.h:1.31 Wed Feb 27 01:16:52 2002 +++ squid/src/enums.h Mon Apr 1 14:11:13 2002 @@ -92,6 +92,7 @@ ERR_FTP_UNAVAILABLE, ERR_ONLY_IF_CACHED_MISS, /* failure to satisfy only-if-cached request */ ERR_TOO_BIG, + TCP_RESET, ERR_MAX } err_type; Index: squid/src/errorpage.c diff -u squid/src/errorpage.c:1.17 squid/src/errorpage.c:1.15.4.4 --- squid/src/errorpage.c:1.17 Mon Apr 1 02:17:02 2002 +++ squid/src/errorpage.c Mon Apr 1 15:13:48 2002 @@ -67,6 +67,10 @@ "
\n" "Generated %T by %h (%s)\n" "\n" + }, + { + TCP_RESET, + "reset" } }; @@ -115,9 +119,11 @@ /* dynamic */ ErrorDynamicPageInfo *info = ErrorDynamicPages.items[i - ERR_MAX]; assert(info && info->id == i && info->page_name); - error_text[i] = errorLoadText(info->page_name); + if (strchr(info->page_name, ':') == NULL) { + /* Not on redirected errors... */ + error_text[i] = errorLoadText(info->page_name); + } } - assert(error_text[i]); } } @@ -206,13 +212,34 @@ xfree(info); } +static int +errorPageId(const char *page_name) +{ + int i; + for (i = 0 ; i < ERR_MAX; i++) + { + if (strcmp(err_type_str[i], page_name) == 0) + return i; + } + for (i = 0; i < ErrorDynamicPages.count; i++) + { + if (strcmp(((ErrorDynamicPageInfo *) ErrorDynamicPages.items[i - ERR_MAX])->page_name, page_name) == 0) + return i + ERR_MAX; + } + return ERR_NONE; +} + int errorReservePageId(const char *page_name) { - ErrorDynamicPageInfo *info = - errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name); - stackPush(&ErrorDynamicPages, info); - return info->id; + ErrorDynamicPageInfo *info; + int id = errorPageId(page_name); + if (id == ERR_NONE) { + info = errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name); + stackPush(&ErrorDynamicPages, info); + id = info->id; + } + return id; } static const char * @@ -274,9 +301,9 @@ errorStateFree(err); return; } - if (0 == strncmp(error_text[err->page_id], "reset", 5)) { + if (err->page_id == TCP_RESET) { if (err->request) { - debug(0, 0) ("RSTing this reply\n"); + debug(4, 2) ("RSTing this reply\n"); err->request->flags.reset_tcp = 1; } } @@ -408,7 +435,7 @@ * t - local time x * T - UTC x * U - URL without password x - * u - URL without password, %2f added to path x + * u - URL with password x * w - cachemgr email address x * z - dns server error message x */ @@ -540,6 +567,9 @@ case 'U': p = r ? urlCanonicalClean(r) : err->url ? err->url : "[no URL]"; break; + case 'u': + p = r ? urlCanonical(r) : err->url ? err->url : "[no URL]"; + break; case 'w': if (Config.adminEmail) memBufPrintf(&mb, "%s", Config.adminEmail); @@ -573,23 +603,32 @@ errorBuildReply(ErrorState * err) { HttpReply *rep = httpReplyCreate(); - MemBuf content = errorBuildContent(err); + const char *name = errorPageName(err->page_id); http_version_t version; /* no LMT for error pages; error pages expire immediately */ httpBuildVersion(&version, 1, 0); - httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime); - /* - * include some information for downstream caches. Implicit - * replaceable content. This isn't quite sufficient. xerrno is not - * necessarily meaningful to another system, so we really should - * expand it. Additionally, we should identify ourselves. Someone - * might want to know. Someone _will_ want to know OTOH, the first - * X-CACHE-MISS entry should tell us who. - */ - httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d", - errorPageName(err->page_id), err->xerrno); - httpBodySet(&rep->body, &content); - /* do not memBufClean() the content, it was absorbed by httpBody */ + if (strchr(name, ':')) { + /* Redirection */ + char *quoted_url = rfc1738_escape_part(errorConvert('u', err)); + httpReplySetHeaders(rep, version, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, 0, squid_curtime); + httpHeaderPutStrf(&rep->header, HDR_LOCATION, name, quoted_url); + httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%d %s\n", err->http_status, "Access Denied"); + } else { + MemBuf content = errorBuildContent(err); + httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime); + /* + * include some information for downstream caches. Implicit + * replaceable content. This isn't quite sufficient. xerrno is not + * necessarily meaningful to another system, so we really should + * expand it. Additionally, we should identify ourselves. Someone + * might want to know. Someone _will_ want to know OTOH, the first + * X-CACHE-MISS entry should tell us who. + */ + httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d", + name, err->xerrno); + httpBodySet(&rep->body, &content); + /* do not memBufClean() the content, it was absorbed by httpBody */ + } return rep; } squid-deny_info_url-1-HEAD-1.new squid-deny_info_url-1-HEAD-1 differ: char 77, line 2