/squid/3/anonymize_http_request.conf |
@@ -0,0 +1,92 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2013 - License: GNU GPLv3 ## |
## Please see: http://www.gnu.org/licenses/gpl.html for legal details, ## |
## rights of fair usage, the disclaimer and warranty conditions. ## |
########################################################################### |
## Squid3 - rules to anonymize HTTP request headers. ## |
########################################################################### |
|
### Content-Types that are acceptable for the response (replace this). |
request_header_access Accept deny all |
### Character sets that are acceptable (replace this). |
request_header_access Accept-Charset deny all |
### List of acceptable encodings (replace this). |
request_header_access Accept-Encoding deny all |
### List of acceptable human languages for response (replace this). |
request_header_access Accept-Language allow all |
### Acceptable version in time |
# request_header_access Accept-Datetime allow all |
request_header_access Authorization allow all |
# request_header_access Cache-Control allow all |
request_header_access Connection allow all |
### Needed for not breaking most websites. |
request_header_access Cookie allow all |
request_header_access Content-Length allow all |
request_header_access Content-MD5 allow all |
request_header_access Content-Type allow all |
### The date and time that the message was sent. |
# request_header_access Date allow all |
request_header_access Expect allow all |
### The email address of the user making the request. |
# request_header_access From allow all |
request_header_access Host allow all |
request_header_access If-Match allow all |
request_header_access If-Modified-Since allow all |
request_header_access If-None-Match allow all |
request_header_access If-Range allow all |
request_header_access If-Unmodified-Since allow all |
### Limit the number of times the message can be forwarded through proxies |
### or gateways. |
# request_header_access Max-Forwards allow all |
### Initiates a request for cross-origin resource sharing. |
# request_header_access Origin allow all |
# request_header_access Pragma allow all |
request_header_access Proxy-Authorization allow all |
request_header_access Range allow all |
### Needed in order to not break some sites using referrer checks. |
request_header_access Referer allow all |
request_header_access TE allow all |
### Replace the User-Agent string except for the domains specified in the |
### "real_user_agent" ACL. |
acl real_user_agent dstdom_regex "/etc/squid3/real_user_agent.conf" |
request_header_access User-Agent allow real_user_agent |
request_header_access User-Agent deny !real_user_agent |
### Ask the server to upgrade to another protocol. |
# request_header_access Upgrade allow all |
### Informs the server of proxies through which the request was sent. |
request_header_access Via allow all |
request_header_access Warning allow all |
### Needed for AJAX requests. |
request_header_access X-Requested-With allow all |
### Requests a web application to disable their tracking of a user. |
## Yeah, lol, wear a "do-not-follow-me" T-Shirt. Smart. Very smart. |
# request_header_access DNT allow all |
### Identifying the originating IP address of a client connecting through |
### a proxy server indicating what client was forwarded. |
# request_header_access X-Forwarded-For allow all |
### Identifying the original host requested by the client. |
request_header_access X-Forwarded-Host allow all |
### Identifying the originating protocol of an HTTP request |
request_header_access X-Forwarded-Proto allow all |
request_header_access Front-End-Https allow all |
request_header_access X-Http-Method-Override allow all |
### Allows easier parsing of the MakeModel/Firmware that is usually found |
### in the User-Agent String of AT&T Devices. |
# request_header_access X-ATT-DeviceId allow all |
### Full description and details about the device currently connecting. |
# request_header_access X-Wap-Profile allow all |
request_header_access Proxy-Connection allow all |
### Server-side deep packet insertion of a unique ID identifying customers. |
### of Verizon Wireless. |
# request_header_access X-UIDH allow all |
request_header_access X-Csrf-Token allow all |
# request_header_access X-Request-ID allow all |
# request_header_access X-Correlation-ID allow all |
request_header_access X-Accel-Redirect allow all |
request_header_access X-Sendfile allow all |
request_header_access X-LIGHTTPD-send-file allow all |
request_header_access X-Accel-Limit-Rate allow all |
request_header_access X-Accel-Buffering allow all |
request_header_access X-Accel-Charset allow all |
request_header_access Other deny all |
request_header_access All deny all |