Solved !
I had to add more than only google.com/recaptcha/ ...
So do : tail -f /var/log/squid/access.log
I had to add (not all mandatory) : .ireby.fr .mozilla.org
.callnowbutton.com .googleapis.com .consentmanager.net
.googletagmanager.com .gstatic.com
Thanks a lot.
Dsant from France
On 2/20/24 09:40, Stephen Borrill wrote:
On 20/02/2024 08:06, Dsant wrote:
Hello, I set up a squid proxy, I want to allow some sites, Google
recaptcha and block everything else.
acl mydest dstdomain .projet-voltaire.fr
http_access allow mydest
acl google_recaptcha url_regex ^www.google.com/recaptcha/$
http_access allow google_recaptcha
http_access deny all
The captcha is not showing. A syntax error ?
www.google.com is an HTTPS site. This means that from the point of
view of the proxy, only the hostname is visible (i.e. www.google.com)
and so your regex can never match. Look in your logs, you will see:
CONNECT www.google.com
and not:
GET http://www.google.com/recaptcha/
The only way round this is to use ssl_bump to intercept and decrypt
the traffic so that the HTTP request is visible. This is, however, not
for the faint-hearted and will require a CA certificate to be
installed on each client machine.
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users