Hi Beeri, > 1. Security - Origin sever might change the replied http header and add > the "X-MY-SCANNER: Allow" it self, > and bypass the content filter, In that case I would not > be able to prevent kids from viewing un honest pages :-(
Yes this problem exists. I am just refering it as way to pass info from reqmod to respmod icap services. > 2. Performance - Redundant call since I already know that request is > allowed. Yes the performance is a problem here. Assuming that you have 95% accepted requests and only 5% blocked maybe is not so problem to make your checks only in respmod request. But you know beter than me your requirements. > > There for I would like to keep in squids session data the classification > and upon to the classification prior to response-mod call. > > For now I have figured out that the best place to set the data between > the req-mod and resp-mod if in the > ....... I am not sure but I think that the best place to put your classification data is the request_t structure. Regards, Christos