Need to block source "github.com/user-attachments/files/16246802/README.txt".
it is also written in the blacklist file
in squid.conf:
acl need_to_block dsdom_regex "/etc/squid/blacklists/block.txt"
http_access deny need_to_block
Downloads file without problems and also gives access to other resources that have "https"
what should i fix so that it denies access?
Most modern sites work through a TLS connection, thus I bet the browsers use CONNECT method to establish a TLS tunnel through your proxy. Thus, unless you're sslBmumping those, your squid cannot really see what's inside this tunnel.
So technically what you're intending to do is doable, but way overcomplicated. In an enterprise environment these things are often done through a corporate antivirus software, which observes the content of the TLS traffic through it's agent and blocks certain attachment types.
Just saying. sslBumping is a bumpy road, if you know what I'm saying. :)
