[isalist] Re: ISA 2004 -- Response content is encoded and cannot be scanned
- From: Edgardo Balansay <balansay@xxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Wed, 1 Jul 2009 14:04:14 -0700
On Fri, Jun 26, 2009 at 12:34 PM, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
> The research force is strong with this one…
>
Thanks! I was lurking & LOLing during the Andrew English era. =)
> Yes – if you have any HTTP filter settings applied, and the content is
> delivered using any encoding other than gzip, the HTTP filter will reject
> it.
>
If thats how it is, then thats how it is. Added to memory.
> The solutions offered in those threads are what you will have to choose
> from.
>
>
>
Sweet! The custom HTTP rule is working sufficiently, just wanted to know if
there was an update.
> Jim
>
> Until next time, thanks again!
Edgardo
>
>
> *From:* isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> *On Behalf Of *Edgardo Balansay
> *Sent:* Friday, June 26, 2009 9:36 AM
> *To:* isalist
> *Subject:* [isalist] ISA 2004 -- Response content is encoded and cannot be
> scanned
>
>
>
> Hi all! Happy 2009! =)
>
>
>
> So, as usual ISA 2004 Standard has been running great and I haven't had to
> query this list for a while, until now:
>
>
>
> 1) Accessing, http://www.evite.com/
>
> 2) In the center above the flash slide show is a link, "Create an
> invitation" to create an invitation. This link goes to:
> http://www.evite.com/app/invitations/gallery/templates.do?isNew=true
>
>
>
> Upon browsing to
> http://www.evite.com/app/invitations/gallery/templates.do?isNew=true
>
>
>
> IE 7.0 returns the "500 Internal Server Error. The request was rejected by
> the HTTP filter. Contact your ISA Server administrator. (12217)"
>
>
>
> Looking on the ISA logs, displays, "Blocked by the HTTP security filter:
> the Response content is encoded and cannot be scanned"
>
>
>
> ----------
>
> Reviewing our HTTP security filters, the only HTTP filter applied is the,
> "Block responses containing Windows executable content" There are no other
> signatures, etc. blocking stuff.
>
>
>
> -------------
>
> Browsing this list archives, it appears something similar has
> been encountered a few times around 2005 with others sites, such as perhaps
> Staples / Starwood Hotels, and downloading of .tar.gz files.
>
>
>
> A few Relevant threads:
>
>
>
> 1) [isalist] Creating a custom HTTP protocol
>
> Where the good Dr. Shinder prescribes configuring the site for Direct
> Access -- which for the Original Poster & us, still yields the same
> '...response content is encoded and cannot be scanned...' message. The
> client machines are SNAT, Firewall Client, & Web Proxy ISA Clients.
>
>
>
> 2) [isalist] How to allow downloading .tar.gz files
>
>
>
> In this post, Jim H, indicates, "Unfortunately, you can't have encoding and
> inspection in the same breath.
>
> You'll have to either use FTP to get the files or disable the HTTP Filter
> for the duration."
>
>
>
> ---------------------
>
>
>
> Anyhow, users that are assigned to a different HTTP rule that does allow
> Windows Executable Content to download (Network Admins), can easily access
> the Evite link:
> http://www.evite.com/app/invitations/gallery/templates.do?isNew=true
>
>
>
>
>
> Question:
>
>
>
> Like the "Creating a custom HTTP protocol" thread from 12/2005, is it still
> the suggestion to create a custom HTTP rule for certain sites that respond
> with encoded content to allow users access?
>
>
>
> Thanks!
>
> Edgardo
>
Other related posts:
