ra-at-diladele-com
commented
6 months ago Attempts to design a system to prohibit such entries in the Admin UI failed. Problems:
-
we can prohibit adding a .eu.example.com when .example.com exists in the configuration relatively easily. But what to do if admin has a longer version of the .eu.example.com in the configuration and wants to add shorter one? Then we would need to tell him that the shorter pattern that he wants to add would result into a longer patter already existing not usable. And ideally we need to tell him to better edit the longer pattern in the config by making it shorter. This is very complex in django.
-
also - our exclusions allow admin to have one exclusion with flags - so if flags are different - then having both pattern are correct (for example exclude .example.com from auth but only .eu.example.com from web filtering). So we need to actually check the patterns only per exclusion type. This makes it even more complex.
So decided to postpone this complex problem for now and simply ignore this warning. If this warning is disturbing the admin needs to do what this warning says exactly - i.e. remove .eu.example.com from config if he intends to add just .example.com.
Admin adds 2 domain names to exclusions - .eu.example.com and .example.com. Most probably these two sites were added at two different points in time or even by two different admins. Then after clicking Save and Restart and also in UI / Squid / General / Verification we have the following warning.
This error comes from Squid. Note that luckily we create domain exclusion acl by sorting domains by length, so in the file the .example.com comes before .eu.example.com - this results into warning and not error from squid. If longer name would precede the shorter one squid would give an error.