* Add a little bit of XHR script to the CGI cachemgr front page which
probes each of the managed proxies for http:// and https:// capabilities
and produces web links to their internal managers.
* Reserve the template name MGR_INDEX for use by cachemgr scripts.
But do not distribute any preset template. This allows manager apps to
provide their own static template with linked scripts and objects.
* The error page system is updated to create a blanket message
indicating missing template instead of aborting Squid if a template is
not even installed.
Also, add Cross-Origin Request Support for the cache manager API
Now that tools are being implemented to access the cache manager via
http:// scheme we need to accomodate the browser XSS protection
mechanisms which limit XHR based scripts abilities.
This adds CORS headers to manager responses. Permitting XHR to view the
Server header (to detect squid version for known capabilities) and to
flag that the XHR request may need access to credentials for
authenticating with the manager.
This also closes the feature bug 3407 requesting we support the
non-standard "Origin:" header, which is used by the CORS mechanisms.
Future work:
Support the OPTIONS request used by CORS to detect requirements before
POSTing. We do not yet use POST in the Squid code so that is left until
needed.
projects / thirdparty / squid.git / commit
