This patch is generated from the deny_info_url-2_5 branch of s2_5 in squid Sun Jan 25 14:41:19 2004 GMT See http://devel.squid-cache.org/ Index: squid/src/cf.data.pre diff -u squid/src/cf.data.pre:1.49.2.26 squid/src/cf.data.pre:1.43.4.5.2.2 --- squid/src/cf.data.pre:1.49.2.26 Tue Oct 8 04:47:24 2002 +++ squid/src/cf.data.pre Tue Oct 29 15:53:47 2002 @@ -2587,6 +2587,7 @@ DEFAULT: none DOC_START Usage: deny_info err_page_name acl + or deny_info http://... acl Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys This can be used to return a ERR_ page for requests which @@ -2597,6 +2598,10 @@ You may use ERR_ pages that come with Squid or create your own pages and put them into the configured errors/ directory. + Alternatively you can specify an error URL. The browsers will then + get redirected (302) to the specified URL. %s in the redirection + URL will be replaced by the requested URL. + Alternatively you can tell Squid to reset the TCP connection by specifying TCP_RESET. DOC_END Index: squid/src/errorpage.c diff -u squid/src/errorpage.c:1.15.6.6 squid/src/errorpage.c:1.15.4.3.2.3 --- squid/src/errorpage.c:1.15.6.6 Fri Sep 20 14:47:21 2002 +++ squid/src/errorpage.c Tue Oct 29 15:53:48 2002 @@ -121,9 +121,11 @@ /* dynamic */ ErrorDynamicPageInfo *info = ErrorDynamicPages.items[i - ERR_MAX]; assert(info && info->id == i && info->page_name); - error_text[i] = errorLoadText(info->page_name); + if (strchr(info->page_name, ':') == NULL) { + /* Not on redirected errors... */ + error_text[i] = errorLoadText(info->page_name); + } } - assert(error_text[i]); } } @@ -212,13 +214,34 @@ xfree(info); } +static int +errorPageId(const char *page_name) +{ + int i; + for (i = 0 ; i < ERR_MAX; i++) + { + if (strcmp(err_type_str[i], page_name) == 0) + return i; + } + for (i = 0; i < ErrorDynamicPages.count; i++) + { + if (strcmp(((ErrorDynamicPageInfo *) ErrorDynamicPages.items[i - ERR_MAX])->page_name, page_name) == 0) + return i + ERR_MAX; + } + return ERR_NONE; +} + int errorReservePageId(const char *page_name) { - ErrorDynamicPageInfo *info = - errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name); - stackPush(&ErrorDynamicPages, info); - return info->id; + ErrorDynamicPageInfo *info; + int id = errorPageId(page_name); + if (id == ERR_NONE) { + info = errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name); + stackPush(&ErrorDynamicPages, info); + id = info->id; + } + return id; } static const char * @@ -579,23 +602,32 @@ errorBuildReply(ErrorState * err) { HttpReply *rep = httpReplyCreate(); - MemBuf content = errorBuildContent(err); + const char *name = errorPageName(err->page_id); http_version_t version; /* no LMT for error pages; error pages expire immediately */ httpBuildVersion(&version, 1, 0); - httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime); - /* - * include some information for downstream caches. Implicit - * replaceable content. This isn't quite sufficient. xerrno is not - * necessarily meaningful to another system, so we really should - * expand it. Additionally, we should identify ourselves. Someone - * might want to know. Someone _will_ want to know OTOH, the first - * X-CACHE-MISS entry should tell us who. - */ - httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d", - errorPageName(err->page_id), err->xerrno); - httpBodySet(&rep->body, &content); - /* do not memBufClean() the content, it was absorbed by httpBody */ + if (strchr(name, ':')) { + /* Redirection */ + char *quoted_url = rfc1738_escape_part(errorConvert('u', err)); + httpReplySetHeaders(rep, version, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, 0, squid_curtime); + httpHeaderPutStrf(&rep->header, HDR_LOCATION, name, quoted_url); + httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%d %s\n", err->http_status, "Access Denied"); + } else { + MemBuf content = errorBuildContent(err); + httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime); + /* + * include some information for downstream caches. Implicit + * replaceable content. This isn't quite sufficient. xerrno is not + * necessarily meaningful to another system, so we really should + * expand it. Additionally, we should identify ourselves. Someone + * might want to know. Someone _will_ want to know OTOH, the first + * X-CACHE-MISS entry should tell us who. + */ + httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d", + name, err->xerrno); + httpBodySet(&rep->body, &content); + /* do not memBufClean() the content, it was absorbed by httpBody */ + } return rep; } squid-deny_info_url-2_5-s2_5.new squid-deny_info_url-2_5-s2_5 differ: char 77, line 2