On Tue, Jan 28, 2025 at 9:47 PM Ervin Hegedüs <airw...@gmail.com> wrote:
> Hi there, > > I would like to allow a specific URL for a specific client. This is how I > try to do that: > > acl wordpressgravity url_regex -i > ^https?://s3\.amazonaws\.com\/gravityforms\/releases\/.* > acl vmapache1 src 172.30.40.5/32 > http_access allow vmapache1 wordpressgravity > Unless you are using SSL man-in-the-middle, Squid never sees the request URL for https. What it sees is a CONNECT request to the domain s3.amazonaws.com; it never sees the full path. This is intentional, by design of https. > The URL is something like this: > > > https://s3.amazonaws.com/gravityforms/releases/gravityforms_2.9.2.zip?AWSAccessKeyId=AKblahblah4F&Expires=1712345678&Signature=0cblahblah%3D > > but it does not work - I always get 403. > > What do I do wrong? > You can filter to the domain, using a combination of 3 acls: - a CONNECT acl - the vmapache1 acl - a dstdomain acl for s3.amazonaws.com It's not possible to filter the path -- Francesco
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users
