External applications

From Secure Web Gateway


The external feature allows you to use any program or script to parse the contents of a file.

The external parser must send a complete HTTP request or response header, which overrides the ones sent by the browser or Web server.

If nobody is sent after the header, the original body with modified headers is used.

Enabling External application section on SafeSquid User Interface

Access SafeSquid interface

Go to configure page

AllowsitescategorySlide1 (2).PNG
RequestTypeSlide1 (1).PNG



Enable or Disable external applications section.

  • TRUE : Enable external applications section.
  • FALSE : Disable external applications section.

Application Policies

List of external parsers to process content with.



Enable or Disable this entry

  • TRUE : Enable this entry.
  • FALSE : Disable this entry.


For documentation, and future references, explainthe relevance of this entry with your policies.


Specify the Profiles applicable for this entry.

This entry will be applicable only if the connection has any one of the specified profiles.

Leave it Blank, to apply for all connections irrespective of any applied profile.

To avoid application to a connection that has a profile, use negated profile (!profile).


The path to the executable; if no absolute path is given, the path as given in the PATH environment variable is searched. Any number of arguments can be passed by separating them by spaces; if you're using a temporary file as the method to pass the contents of the file, it's path is the last argument. If an executable returns with a non-zero status code, the original content is returned.


The method with which content is passed to the external program; if set to Pipe the content is piped to the program's STDIN, if set to File the content is stored in a temporary file and it's path is passed as the last argument.

Applies to

Select whether the external parser is used on the request, response, or both

Run once per session:

Run external parser for every request in a session until it returns a non-zero status code. This is useful for performing authentication through an external program.

Send header

Which header(s), if any, to send to the external program before sending the body. The response header option only applies to external programs that process the response. If both headers are sent, the request header is sent first.