From: Marco Beck Date: Fri, 1 Apr 2011 01:21:46 +0000 (-0600) Subject: Regression fix: Replacing reply headers X-Git-Tag: SQUID_3_1_12~11 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=68a12bfaa44d772c59d86def4326c2955acf0ab4;p=thirdparty%2Fsquid.git Regression fix: Replacing reply headers Restores the functionality to replace reply headers as found in Squid 2. header_replace worked for both request and reply headers back then. The creation of request_header_access and reply_header_access altered replace_headers to only work on requests. It should have received this name split back then. --- diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml index b1d903eaed..87571984c1 100644 --- a/doc/release-notes/release-3.1.sgml +++ b/doc/release-notes/release-3.1.sgml @@ -701,6 +701,22 @@ This section gives a thorough account of those changes in three categories:

Controls how many different forward paths Squid will try before giving up. Default: 10 + reply_header_replace +

This option allows you to change the contents of reply headers. + + In Squid 2 header_replace (now deprecated) worked for both requests + and replies, while in Squid 3 it only did respect request headers. + This option brings back the functionality to replace the contents of + reply headers. Consult the documentation for usage details. + + request_header_replace +

This option allows you to change the contents of request headers. + + To be consistent with the naming changes of header_access in Squid 3 + (header_access has been split into two options request_header_access + and reply_header_access), header_replace (now deprecated) is being + replaced by request_header_replace. + icap_log

New option to write ICAP log files record ICAP transaction summaries, one line per transaction. Similar to access.log. @@ -1091,6 +1107,9 @@ NOCOMMENT_START X-Forwarded-For entries, and place itself as the sole entry. + header_replace +

Deprecated. Use request_header_replace or reply_header_replace instead. + http_port transparent intercept ssl-bump connection-auth[=on|off] ignore-cc

Option 'transparent' is being deprecated in favour of 'intercept' which more clearly identifies what the option does. For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy using TPROXY support.

diff --git a/src/cf.data.pre b/src/cf.data.pre index 14c8d41e94..b504918b37 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -3915,18 +3915,18 @@ DOC_START performed). DOC_END -NAME: header_replace +NAME: request_header_replace header_replace IFDEF: HTTP_VIOLATIONS TYPE: http_header_replace[] LOC: Config.request_header_access DEFAULT: none DOC_START - Usage: header_replace header_name message - Example: header_replace User-Agent Nutscrape/1.0 (CP/M; 8-bit) + Usage: request_header_replace header_name message + Example: request_header_replace User-Agent Nutscrape/1.0 (CP/M; 8-bit) This option allows you to change the contents of headers - denied with header_access above, by replacing them with - some fixed string. This replaces the old fake_user_agent + denied with request_header_access above, by replacing them + with some fixed string. This replaces the old fake_user_agent option. This only applies to request headers, not reply headers. @@ -3934,6 +3934,24 @@ DOC_START By default, headers are removed if denied. DOC_END +NAME: reply_header_replace +IFDEF: HTTP_VIOLATIONS +TYPE: http_header_replace[] +LOC: Config.reply_header_access +DEFAULT: none +DOC_START + Usage: reply_header_replace header_name message + Example: reply_header_replace Server Foo/1.0 + + This option allows you to change the contents of headers + denied with reply_header_access above, by replacing them + with some fixed string. + + This only applies to reply headers, not request headers. + + By default, headers are removed if denied. +DOC_END + NAME: relaxed_header_parser COMMENT: on|off|warn TYPE: tristate