Content modifier

Content modifier

Overview

Use 'Content modifier' to remove or modify contents like AcitveX, JavaScript, Cookies from selected websites.
It enables you to modify the contents of web pages, files, the client header, and server header in real time.

Enabling Content modifier section on SafeSquid User Interface

Access the SafeSquid interface

Go to Configure Page

Goto configure.png     

Go to Real time content security

Go to real time content security.png     

Go to Content modifier section

Global

Enabled

Enable or Disable this section.
TRUE: Enable content rewriting.
FALSE: Disable content rewriting.
     

Rewriting Policies

Contentmodi-policy.jpg 
List of regular expression substitutions to apply to matching files.

Enabled

Enable or Disable this Entry.
TRUE: Enable this Entry.
FALSE: Disable this Entry.

Comment

For documentation, and future references, explain the relevance of this entry with your policies.
That is, by reading the policies, a future user can understand the purpose of that entry.

Profiles

Specify the Profiles applicable for this entry.
This entry will be applicable only if the connection has any one of the specified profiles.
Leave it Blank, to apply for all connections irrespective of any applied profile.
To avoid application to a connection that has a profile, use negated profile (!profile).

Mime type.

Specify regular expression matching the MIME-types for which this entry is applicable.
According to their nature and format, MIME-type is a way of identifying files on the Internet.
It is highly advisable that you set this to some mime-type; otherwise, all files will be checked.
Example: text/html, ^image/, ^application/, application/x-shockwave-flash.

Pattern

A regular expression pattern matching the area of text inside the file, 'to modify'.
This may be trailed with a '/' followed by flag characters like in Perl to modify options used to compile the regular expression and must be if a '/' is used anywhere else in the regular expression.

Replace

Specify the replacement text to use in place of the area of text matching the pattern mentioned in the above field.
It may contain back references to strings captured using parenthesis in the pattern.

Applies to

This option is to select what the rewrite entry applies to.
BODY: Rewrite the body of the webpage or file.
CLIENT: Rewrite the client header, this happens before Middleman parses it so be careful not to remove any headers needed to handle the request properly.
SERVER: Rewrite the header from the remote web server, same conditions from client header apply.
POST: Rewrite POST/PUT data sent when submitting a form or uploading a file.

Example

Rule#1

I want to modify title tag of webpages which will indicate that it has been this webpage is inspected by SafeSquid.
This rule is to be applied to every connection.
To ensure the title tag is modified the chunked response needs to be buffered.
Using regex (Regular Expression) we can use pattern matching to select the title tag of webpages.
Replace with the title tag Inspected by SafeSquid.
Presentation1-cntInspection.png
Rule#2
We want to request PNG & JPG images instead of AVIF & WEBP from remote server.
AVIF images and ignore by SafeSquid’s image analyser.
Using regex (Regular Expression) we can use pattern matching to select the header request sent from client to SafeSquid.
Modify the header response and request for PNG & JPG image instead of AVIF & WEBP
Slide2-cntInspection.png
Slide3-cntInspection.png




    • Related Articles

    • Accelerators

      Accelerators Use accelarators to optimize resource utilization and improve response time. Caching Content Caching improves bandwidth efficiency. A page or file, when requested by a user, is served to the user and a copy of it is also maintained ...

    • DLP

      Overview DLP is nothing but Data Loss Prevention module in Safequid. DLP module was introduced in SafeSquid to restrict end users from sending sensitive or critical information outside the corporate network. You can achieve this simply by creating ...

    • Response Types

      Overview Use Response profiles to manage profiling based on the responses received from the webserver. You can manage Profiling based on the following parameters present in the responses received from the webserver. Mime File Content-Length Response ...

    • SqScan

      Overview SqScan is a built-in module in SafeSquid that protects the users against malware. Internet browsing is unsafe while browsing certain sites which allow malware or virus. This causes software attack on the computer, which decreases its ...

    • External Applications

      Overview The external feature allows you to use any program or script to parse the contents of a file. The external parser must send a complete HTTP request or response header, which overrides the ones sent by the browser or Web server. If nobody is ...