Squid Web Cache wiki

Squid Web Cache documentation

🔗 Feature: Customizable Error Message

Goal: To alter the error pages layouts and content generated by Squid.
Status: complete.
Version: 2.1
Developer: Unknown.

🔗 Details

Squid lets you customize your error messages. The source distribution includes error messages in different languages.

From Squid 3.1:

CSS hooks are available for display redesign and coloring.
Language translations are done by default automatically when language pages are installed. See Translations Project for more details on those.

For older Squid you can select the language with the configure option –enable-err-language=lang.

If needed, you can make a copy and re-write the error message template files in any version.

🔗 deny_info URL codes for embedding

Squid-2.1 toSquid-3.1 only provide this macro code:

%s

Absolute URL requested by client

Squid-3.2 adds URL templating codes:

%a

User identity
%d

seconds elapsed since request received (not yet implemented)
%e

errno
%E

strerror()
%h

Squid public hostname
%H

server host name
%i

client IP address
%I

server IP address (NP: upper case i)
%M

Request Method
%o

Message returned by external ACL helper
%p

URL port number
%P

Protocol
%R

URL path requested.
%S

Squid version signature.
%s

Absolute URL requested by client
%t

local time
%T

UTC
%U

Absolute URL without password. Uses * instead of path for CONNECT requests.
%u

Absolute URL with password. May be missing path on CONNECT requests.
%w

cachemgr email address

🔗 ERR_* template codes for embedding

This list describes the macro codes which Squid will replace in the error response messages, and what details will be inserted:

%a

User identity
%B

URL with FTP %2f hack
%c

Squid error code
%d

seconds elapsed since request received (not yet implemented)
%D

Squid-generated error details. May contain other error page formatting codes. Currently only TLS/SSL connection failures are detailed. For example, %D in a customized ERR_SECURE_CONNECT_FAIL response may be expanded into “The host name you are connecting to (foo.com) does not match any of the certificate names (foo.org, foo.net)…”). Supported since Squid-3.2. See also: application-level error code (%x) and system level error code/detail (%e/%E).
%e

errno
%E

strerror()
%f

FTP request line
%F

FTP reply line
%g

FTP server message
%h

cache hostname
%H

server host name
%i

client IP address
%I

server IP address
%l

Local site CSS stylesheet
%L

contents of err_html_text config option
%M

Request Method
%m

Error message returned by external auth helper
%o

Message returned by external acl helper
%p

URL port number
%P

Protocol
%R

Full HTTP Request
%S

squid default signature
%s

caching proxy software with version
%t

local time
%T

UTC time
%U

URL without password
%u

URL with password
%W

Extended error page data URL-encoded for mailto links.
%w

cachemgr email address
%x

Application-level error name or identifier (e.g., X509_V_ERR_UNABLE_TO_GET_CRL). Currently only supported for SSL certificate validation errors. See also: system-level error code/detail (%e/%E) and application-level error detail (%D).
%z

DNS server error message
%Z

Message generated during the process which failed. May be ASCII-formatted. Use within HTML PRE tags.

🔗 Custom error pages not displayed for HTTPS

HTTPS uses HTTP CONNECT messages to relay through a proxy. Due to browser behaviour handling these CONNECT messages (described in https://bugzilla.mozilla.org/show_bug.cgi?id=479880) any custom error page produced by the proxy is ignored and a generic browser page displayed instead.

Usually this browser page mentions connection faulure or other such irrelevant details.

In fact any response other than 200 OK is completely dropped by the browser and the same browser template page displayed. This can lead to some very weird authentication problems when using HTTPS through an authenticated proxy as well for authentication schemes where the 407 message body has relevance.

Categories: Feature

Navigation: Site Search, Site Pages, Categories, 🔼 go up