How to get squid to access to referred URLs?

Sheela N asked:

I have my whitelist setup and everything seems to be working perfectly. Except for one thing. Some of the sites host their assets on some sort of CDN (internal or external). As a result, certain sites don’t load certain elements, say CSS, correctly. The closest I got to was this:


acl myreferer referer_regex -i ^http://www.example.com
http_access allow myreferer

But that applies to a single site only. My whitelist is over a 100 sites. How would I ensure that squid loads the sites and all other content it refers to although it isn’t present in the whitelist?
Is this possible?

My answer:


You really should list all of the sites in the whitelist. If you just allow referrers, then anybody can click a link to a third party site from a site in the whitelist, and get at least the text of the page. Or they can just fake their referrer and browse to anywhere on the Internet. Yes, it’s more work, but if you really intend to lock things down with a whitelist, then you really have to do it right.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.