I'm sure I can find him and bring him back if you want...... From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 01, 2009 5:38 PM To: ISA Mailing List Subject: [isalist] Re: ISA 2004 -- Response content is encoded and cannot be scanned Ahh...Andrew English..there's a guy...lol From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Edgardo Balansay Sent: Wednesday, July 01, 2009 6:04 PM To: ISA Mailing List Subject: [isalist] Re: ISA 2004 -- Response content is encoded and cannot be scanned On Fri, Jun 26, 2009 at 12:34 PM, Jim Harrison <Jim@xxxxxxxxxxxx<mailto:Jim@xxxxxxxxxxxx>> wrote: The research force is strong with this one... Thanks! I was lurking & LOLing during the Andrew English era. =) Yes - if you have any HTTP filter settings applied, and the content is delivered using any encoding other than gzip, the HTTP filter will reject it. If thats how it is, then thats how it is. Added to memory. The solutions offered in those threads are what you will have to choose from. Sweet! The custom HTTP rule is working sufficiently, just wanted to know if there was an update. Jim Until next time, thanks again! Edgardo From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> [mailto:isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On Behalf Of Edgardo Balansay Sent: Friday, June 26, 2009 9:36 AM To: isalist Subject: [isalist] ISA 2004 -- Response content is encoded and cannot be scanned Hi all! Happy 2009! =) So, as usual ISA 2004 Standard has been running great and I haven't had to query this list for a while, until now: 1) Accessing, http://www.evite.com/ 2) In the center above the flash slide show is a link, "Create an invitation" to create an invitation. This link goes to: http://www.evite.com/app/invitations/gallery/templates.do?isNew=true Upon browsing to http://www.evite.com/app/invitations/gallery/templates.do?isNew=true IE 7.0 returns the "500 Internal Server Error. The request was rejected by the HTTP filter. Contact your ISA Server administrator. (12217)" Looking on the ISA logs, displays, "Blocked by the HTTP security filter: the Response content is encoded and cannot be scanned" ---------- Reviewing our HTTP security filters, the only HTTP filter applied is the, "Block responses containing Windows executable content" There are no other signatures, etc. blocking stuff. ------------- Browsing this list archives, it appears something similar has been encountered a few times around 2005 with others sites, such as perhaps Staples / Starwood Hotels, and downloading of .tar.gz files. A few Relevant threads: 1) [isalist] Creating a custom HTTP protocol Where the good Dr. Shinder prescribes configuring the site for Direct Access -- which for the Original Poster & us, still yields the same '...response content is encoded and cannot be scanned...' message. The client machines are SNAT, Firewall Client, & Web Proxy ISA Clients. 2) [isalist] How to allow downloading .tar.gz files In this post, Jim H, indicates, "Unfortunately, you can't have encoding and inspection in the same breath. You'll have to either use FTP to get the files or disable the HTTP Filter for the duration." --------------------- Anyhow, users that are assigned to a different HTTP rule that does allow Windows Executable Content to download (Network Admins), can easily access the Evite link: http://www.evite.com/app/invitations/gallery/templates.do?isNew=true Question: Like the "Creating a custom HTTP protocol" thread from 12/2005, is it still the suggestion to create a custom HTTP rule for certain sites that respond with encoded content to allow users access? Thanks! Edgardo