Removing HTTP Request Headers via Squid OPNSense

In this article, we will make a custom code to use in Squid OPNSense to remove specific HTTP request header when using Squid proxy. 


Prerequisites:

  1. You need to follow this article to install and use Squid OPNSense https://egirna.odoo.com/blog/news-2/how-to-configure-squid-proxy-on-opnsense-16” 
  2. The following versions were used in this article:
    • OPNSense version 22.7.11_1 
    • Squid version 5.7 
    • Firefox browser version 111.0.1

Initial HTTP Request body


In this section, we need to see all headers in the http request body through a simple HTTP request and response service like "httpbin" or a similar website. 

  1. Navigate to https://httpbin.org/ 
  2. Select Request inspection (Inspect the request data) to get the HTTP headers that appear in request mode.
    • then "Get/headers" to return the incoming request's HTTP headers.
    • then "Try it out", to test it online
    • then "Execute", to get the HTTP request headers 

    3. Scroll down to see the headers that appear. We will test our script on the header called "Referer", which contains the absolute or partial address from which a resource has been requested. 


 

Remove HTTP Header:

 
So let's remove the "Referer" header from the HTTP headers with Squid on OPNSense.

        1. SSH to your opnsense machine. You will get this screen, press 8 then enter to access the shell window


        2. Navigate to the directory called " post-auth" in the "squid" directory. For that write this command:

$ cd /usr/local/etc/squid/post-auth


        3. Create a new file with any name you want but with the ".conf" extension. Here we will create a file called " custom. conf". For that write this command: 

 $ touch custom.conf 

        4.     Edit the " custom.conf" file with any editor like nano or vim. For that write this command

 $ vim custom.conf  


        • The directive to use is request_header_access “headername” (allow/deny) source 
        • add this line in the file "request_header_access Referer deny all"
        • :wq for saving and quit from vim

        5. Navigate to the opnsense GUI to restart the "squid proxy"

        6. Open the browser that you apply the squid proxy configuration on like that from browser proxy settings:

 

        7. Navigate again to the https://httpbin.org/ 

        8. Repeat steps 1 to 3 from the Initial HTTP Request body 


        9. You should see that the "Referer" header is deleted from the headers 

 

We need to remove the "Range" HTTP header with squid. The Range HTTP request header indicates the part of a document that the server should return. So, we will make a custom code for it. 

You can do this for the "Range" header by writing this line "request_header_access Range deny all " in the "custom.conf" file:


Resources:

  1. http://www.squid-cache.org/Doc/config/request_header_access/


in News
How To Install Golang on FreeBSD