
One of the trending topic I discuss regularly with my company IT department is the need to block Flash content on our navigation proxies.
As a Security people I have no doubt about, Flash must be blocked. Period.
Because I manage some Squid proxy I made this simple and effective configuration in squid.conf file.
# Block FLASH VIDEO
acl byeflash rep_mime_type -i video/flv video/x-flv ^application/x-shockwave-flash video/f4m video/f4 ^application/.*flash.*
http_reply_access deny byeflash
I made an ACL (byeflash) that match against the mime type of the reply received from Squid proxy (see ACL documentation for more details on rep_mime_type). This is a regexp that look for some specific mime type related to Flash content to block it.
The acl is then applied to http_reply_access configuration directive (see documentation).
Restart squid and say goodbye to Flash!