Microsoft KB Archive/888927

= Host headers and URLs are considered to be encoded by UTF8 encoding in Internet Security and Acceleration Server 2004 =

Article ID: 888927

Article Last Modified on 2/8/2007

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2004 Standard Edition

-





INTRODUCTION
This article describes encoding behavior that occurs in Microsoft Internet Security and Acceleration (ISA) Server 2004.



MORE INFORMATION
The ISA Server 2004 rules engine considers URLs and host-headers to be encoded by UTF8 encoding. In this scenario, if the encoding schema differs from UTF8, the ISA Server 2004 rules engine considers the URL or host header to be encoded according to the code page that is enabled on the ISA Server-based computer.

Therefore, if either of the following conditions is true, you must consider these differences when you specify URL sets or HTTP filter signatures in ISA Server:
 * Users in your organization use encoding schemes other than UTF8.
 * Users in your organization connect to ISA Server 2004 from computers with configured code pages that differ from the code page that is configured on the ISA Server computer.

For example, consider the following example Web site name:

xn--5a.com

In this scenario, both the following behaviors occur:
 * Users who use Microsoft Internet Explorer can visit this Web site by visiting the &quot;xn--5a.com&quot; Web site.
 * Users who use a Web browser program such as Netscape Navigator or Opera can visit this Web site by visiting &quot; .com.&quot; ae.com, &quot; where  is the German letter &quot;a&quot; with an umlaut.

In this scenario, if you create rules that affect this Web site by using the name &quot;xn--5a.com,&quot; those rules can be matched. However, if you create rules that affect this Web site by using the name &quot; .com,&quot; those rules are not matched. Therefore, your access policy may be bypassed.

For additional information about HTTP filtering in ISA Server 2004, visit the following Microsoft Web site:

http://www.microsoft.com/technet/isa/2004/plan/httpfiltering.mspx

For additional information about how to configure access rules in ISA Server 2004, see the ISA Server 2004 Configuration Guide. To obtain this guide, visit the following Microsoft Web site:

http://www.microsoft.com/isaserver/prodinfo/previousversions/2004.mspx

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

Additional query words: Additional Content Protocol (ACP), RFC 3490, 3491, 3492

Keywords: kbhowto kbfirewall kbinfo KB888927

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.