Amos, your are right, this options is set per default! I was trying to configure squid to change User-Agent string from http headers using 'request_header_access' and 'request_header_replace' configuration directives.
I got misled by squid documentation which claims that '--enable-http-violations' is a compile-time prerequisite in order to use these directives, see here: http://www.squid-cache.org/Doc/config/request_header_access/ http://www.squid-cache.org/Doc/config/request_header_replace/ http://wiki.squid-cache.org/SquidFaq/ConfiguringSquid Quote from the last link: 'Squid must be built with the --enable-http-violations configure option before building.' Output of 'squid -v' shows no '--enable-http-violations', which led me to the conclusion that this option is not set per default. So I recompiled my own squid packages with this option set (which then appeared in the ouput of 'squid -v') and got it to work. I should have tested with official debian packages before reporting this as an issue. Sorry for wasting your time! ps. it seems that there is a configuration option named '--disable-http-violations' that really disables all 'violating' configuration directives Thanks, Kristijan Caprdja

