[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Malformed URLs (fixed!) but now HTTPS
OK... Fixed the URL problem by upgrading to Feature Pack 2. But now I can't get to any HTTPS sites. I'm using the same rule as I did with Feature Pack 1 (it worked then). I am seeing an error on the log viewer that says "reason Web Content Security - access denied to resource" I don't have any web content monitoring software installed. Anyone have an idea? ~~~John > ---------- > From: John W. Kralik[SMTP:[email protected]] > Reply To: Mailing list for discussion of Firewall-1 > Sent: Wednesday, May 15, 2002 7:41 AM > To: [email protected] > Subject: Re: [FW-1] Malformed URLs > > Right, > > The spaces are auto-converted by MSIE (normal behavior), which is not > normally a problem (without Checkpoint, the request works fine.) In > fact, our old Raptor Firewall has no problem passing these requests. > > When Firewall-1 is put in place though, these web pages are inaccessible > to my client machines. > > Is this a bug with Firewall-1, or is there a work around? > > ~~~John > > > On Wed, May 15, 2002 at 12:14:49PM +0200, Volker Tanger wrote: > > John W. Kralik wrote: > > > > > > The firewall does not seem to allow passage of "white space" > > >characters in URL requests. (Such as http://www.anywhere.com/white > > >space here.html) We are using MS IE Explorer 6.0, which fills in the > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > >spaces with %20 characters. > ^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > > The firewall behaviour is correct - it's MSIE that goofs. > Oh really? > > A correct request looks like > > > > COMMAND URL PROTOCOL > > optional: header > > optional: header > > > > (double CR/LF) > > > > with COMMAND usually being get/post/put/head/connect and URL *not* > > containing whitespaces as the whitespaces are used to separate > COMMAND, > spaces in URL are autoconverted to %20 (at least this is what i read > above) > > -- > Robert Ramiega <[email protected]> RR282-RIPE > Security Team Leader | Systems Administrator > TDC Internet Polska SA | PDi Ltd > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|