configuration-templates – Rev 69

Subversion Repositories:
?pathlinks?
Rev 11 – Blame – Compare with Previous – Last modification – View Log – Download
###########################################################################
##  Copyright (C) Wizardry and Steamworks 2013 - License: GNU GPLv3      ##
##  Please see: http://www.gnu.org/licenses/gpl.html for legal details,  ##
##  rights of fair usage, the disclaimer and warranty conditions.        ##
###########################################################################
## Squid3 - rules to anonymize HTTP request headers.                     ##
###########################################################################

### Content-Types that are acceptable for the response (replace this).
request_header_access Accept deny all
### Character sets that are acceptable (replace this).
request_header_access Accept-Charset deny all
### List of acceptable encodings (replace this).
request_header_access Accept-Encoding deny all
### List of acceptable human languages for response (replace this).
request_header_access Accept-Language allow all
### Acceptable version in time
# request_header_access Accept-Datetime allow all
request_header_access Authorization allow all
# request_header_access Cache-Control allow all
request_header_access Connection allow all
### Needed for not breaking most websites.
request_header_access Cookie allow all
request_header_access Content-Length allow all
request_header_access Content-MD5 allow all
request_header_access Content-Type allow all
### The date and time that the message was sent.
# request_header_access Date allow all
request_header_access Expect allow all
### The email address of the user making the request.
# request_header_access From allow all
request_header_access Host allow all
request_header_access If-Match allow all
request_header_access If-Modified-Since allow all
request_header_access If-None-Match allow all
request_header_access If-Range allow all
request_header_access If-Unmodified-Since allow all
### Limit the number of times the message can be forwarded through proxies
### or gateways.
# request_header_access Max-Forwards allow all
### Initiates a request for cross-origin resource sharing (CORS).
request_header_access Origin allow all
# request_header_access Pragma allow all
request_header_access Proxy-Authorization allow all
request_header_access Range allow all
### Needed in order to not break some sites using referrer checks.
request_header_access Referer allow all
request_header_access TE allow all
### Replace the User-Agent string except for the domains specified in the
### "real_user_agent" ACL.
acl real_user_agent dstdom_regex "/etc/squid3/real_user_agent.conf"
request_header_access User-Agent allow real_user_agent
request_header_access User-Agent deny !real_user_agent
### Ask the server to upgrade to another protocol.
# request_header_access Upgrade allow all
### Informs the server of proxies through which the request was sent.
request_header_access Via allow all
request_header_access Warning allow all
### Needed for AJAX requests.
request_header_access X-Requested-With allow all
### Requests a web application to disable their tracking of a user.
## Yeah, lol, wear a "do-not-follow-me" T-Shirt. Smart. Very smart.
# request_header_access DNT allow all
### Identifying the originating IP address of a client connecting through
### a proxy server indicating what client was forwarded.
# request_header_access X-Forwarded-For allow all
### Identifying the original host requested by the client.
request_header_access X-Forwarded-Host allow all
### Identifying the originating protocol of an HTTP request
request_header_access X-Forwarded-Proto allow all
request_header_access Front-End-Https allow all
request_header_access X-Http-Method-Override allow all
### Allows easier parsing of the MakeModel/Firmware that is usually found
### in the User-Agent String of AT&T Devices.
# request_header_access X-ATT-DeviceId allow all
### Full description and details about the device currently connecting.
# request_header_access X-Wap-Profile allow all
request_header_access Proxy-Connection allow all
### Server-side deep packet insertion of a unique ID identifying customers.
### of Verizon Wireless.
# request_header_access X-UIDH allow all
request_header_access X-Csrf-Token allow all
# request_header_access X-Request-ID allow all
# request_header_access X-Correlation-ID allow all
request_header_access X-Accel-Redirect allow all
request_header_access X-Sendfile allow all
request_header_access X-LIGHTTPD-send-file allow all
request_header_access X-Sendfile2  allow all
request_header_access X-Accel-Limit-Rate allow all 
request_header_access X-Accel-Buffering allow all
request_header_access X-Accel-Charset allow all
request_header_access Other deny all
request_header_access All deny all