On Thu, 12 May 2005, Adeoye Oke wrote:
> I believe this could be achieved by say redirecting POST requests to some
> custom filter of a sort and if certain keyword matches occur (much like spam
> filtering), the user instead of having his page submitted, would be
> redirected to an authorization page, at which point if the submission was
> allowed, could be manually reviewed by calling an administrators attention,
> and then say a password could be entered to grant the submission of the
> content.
Sounds like a viable plan.
> I know this seems quite a bit of work just to filter email, but believe me,
> in this situation it might be necessary. My question really is, how much of
> this can be handled by squid alone, and what could I use to handle any part
> which cant be. I am thinking of maybe some php/perl script might be involved
> somewhere, but I'm having a little problem coming up with something from
> scratch and then piecing it all together.
Squid can act as the engince deciding what POST requests may go direct and
what must be intercepted and approved by your system. When it redirects
the POSTs the original server name can be encoded into the request so your
application can know what was requested.
You will however need your own software (CGI/PHP/whatever) accepting the
redirected POST requests, buffering and validating the data sent, and
deciding on how/if it should be forwarded including the actual act of
forwarding.
1. Collect the POST:ed data
2. Verify content
3. If OK, make the request to the originally requested page. Remember to
include the proper request headers from the client request.
4. If not OK, buffer the request and offer your authorization page.
5. When authorization successful, forward the request as in 3.
Regards
Henrik
Received on Thu May 26 2005 - 08:10:45 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT