Re: [squid-users] youtube safety mode

On 03/21/2011 04:31 PM, Amos Jeffries wrote:
> On Mon, 21 Mar 2011 16:06:31 -0800, Jon R. wrote:
>> On Friday, March 18, 2011 15:48 AKDT, Amos Jeffries wrote:
>>
>>> On 19/03/11 07:14, Test User wrote:
>>> > I had been asked if this is possible and doing a search through
>>> the mailing list and google, I could only find a howto for
>>> SafeSquid. Is it possible to do this in transparent mode using
>>> squid? If so, can someone point me to a doc on how to accomplish this?
>>>
>>> What is this "youtube safety mode" you speak of?
>>>
>>> NP: "SafeSquid" is a system which is not related to Squid, just taking
>>> the brand name to boost their product.
>>>
>>> Amos
>>
>> Hello Amos,
>>
>> I understand about SafeSquid after spending a couple minutes on their
>> site.
>>
>> The youtube safety mode is a mode that blocks objectionable content
>> from appearing as a result in a search. From what I have read it
>> appears to only work on a browser by browser basis, so I figured I
>> would ask the gurus' if they knew of a way to turn it on using a
>> transparent proxy.
>>
>> Here is a link to YouTubes explanation of what it is:
>>
>> http://www.google.com/support/youtube/bin/answer.py?answer=174084
>>
>
> That is one truely useless explanation for anyone with technical
> interest.
>
> Do you have any info or knowledge about how it operates in HTTP? or if
> it even does so?
>
> Squid has some capability to alter HTTP headers. But that requires
> knowing what is going on in the background and what to change from/to.
>
> Amos
>

The best information I have found for it is from the safesquid website
that explains how they enforce it.

Taken from: http://www.safesquid.com/html/portal.php?page=165

"The first rule in Profiles section identifies requests made for
youtube.com, and adds them a profile 'UNSAFE_YOUTUBE'.

The second rule analyzes the Request Header Pattern of the client, to
check if a string - 'PREF=f28000000' exists in cookie being sent to the
host. This string will be found, only if the client has opted for Safety
Mode. If the string is found, this rule removes the profile
'UNSAFE_YOUTUBE' from the request, and adds a profile 'SAFE_YOUTUBE' to
it, and the request is forwarded to the host.

If the string is not found, the request still carries the
'UNSAFE_YOUTUBE' profile. The rule under Rewrite document section acts
upon such requests, and inserts the string in the cookie section of the
client request headers, and forwards the request to the host.

So effectively, all requests that are sent to the host, i.e.
youtube.com, carry the 'Safety Mode Enabled' preference string. This
makes youtube serve only filtered results to the client."

I think almost the same thing could be done with squid but I am not a
squid master, so I am asking here. I am sorry if I am not giving you
good information to work with.

Jon
Received on Tue Mar 22 2011 - 03:16:54 MDT