RE: HTTP Filter rejecting some requests
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 1 Jul 2005 13:08:07 -0500
Hi Rob,
Try turning off checking for normalization in the HTTP Security Filter
for that rule.
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder>
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: Rob Moore [mailto:RMoore@xxxxxxxx]
Sent: Friday, July 01, 2005 1:03 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: HTTP Filter rejecting some requests
http://www.ISAserver.org
OK, a little more troubleshooting has unearthed a bit more info.
A shorter URL gets blocked if it has spaces (%20) in it and a
longer URL with no spaces gets through. So I guess it's not a size thing
but a space (%20) thing. Is there a way to stop this behavior?
Thanks again,
Rob
________________________________
From: Rob Moore [mailto:RMoore@xxxxxxxx]
Sent: Friday, July 01, 2005 1:54 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] HTTP Filter rejecting some requests
http://www.ISAserver.org
Hello all--
I'm publishing a Microsoft Sharepoint Services web server on my
ISA 2004 server (Windows Server 2003). Sometimes when we click on a
link, it gets rejected. Error message = 12217 The request was rejected
by the HTTP filter.
When I look at the logs, I get a message that says "Blocked by
the HTTP security filter: URL normalization was not complete after one
pass."
The URL is automatically generated (an ASP page, I guess) and is
quite long:
http://192.168.200.2/sca/Lists/General%20Discussion/NewForm.aspx?Source=
http%3A%2F%2Ftmp%2Eafscstar%2Eorg%2Fsca%2FLists%2FGeneral%2520Discussion
%2FAllItems%2Easpx
<http://192.168.200.2/sca/Lists/General%20Discussion/NewForm.aspx?Source
=http%3A%2F%2Ftmp%2Eafscstar%2Eorg%2Fsca%2FLists%2FGeneral%2520Discussio
n%2FAllItems%2Easpx>
Other pages generated the same way don't seem to have a problem.
For example:
http://192.168.200.2/sca/Lists/FAQs/NewForm.aspx?Source=http%3A%2F%2Ftmp
%2Eafscstar%2Eorg%2Fsca%2FLists%2FFAQs%2FFlat%2Easpx
<http://192.168.200.2/sca/Lists/FAQs/NewForm.aspx?Source=http%3A%2F%2Ftm
p%2Eafscstar%2Eorg%2Fsca%2FLists%2FFAQs%2FFlat%2Easpx>
Is it a length thing? (i.e., Does size really matter?)
For troubleshooting purposes, we created a link that would
generate an even longer URL, and it got blocked, too.
Is there a way to change this behavior?
Thanks,
Rob
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rob Moore
Network Manager
215-241-7870
American Friends Service Committee
1501 Cherry St.
Philadelphia, PA 19102
RMoore@xxxxxxxx
Phone: 215-241-7870
Fax: 215-241-7204
Love is the only rational act.
--Morrie Schwartz
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: rmoore@xxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
