The ISA Server 2004 rules engine considers URLs and
host-headers to be encoded by UTF8 encoding. In this scenario, if the encoding
schema differs from UTF8, the ISA Server 2004 rules engine considers the URL or
host header to be encoded according to the code page that is enabled on the ISA
Server-based computer.
Therefore, if either of the following
conditions is true, you must consider these differences when you specify URL
sets or HTTP filter signatures in ISA Server:
- Users in your organization use encoding schemes other than
UTF8.
- Users in your organization connect to ISA Server 2004 from
computers with configured code pages that differ from the code page that is
configured on the ISA Server computer.
For example, consider the following example Web site name:
xn--5a.com
In this scenario, both the following behaviors occur:
- Users who use Microsoft Internet Explorer can visit this
Web site by visiting the "xn--5a.com" Web site.
- Users who use a Web browser program such as Netscape
Navigator or Opera can visit this Web site by visiting
"ae.com." ae.com, " where
ae is the German letter "a" with an
umlaut.
In this scenario, if you create rules that affect this Web site
by using the name "xn--5a.com," those rules can be matched. However, if you
create rules that affect this Web site by using the name
"
ae.com," those rules are not matched. Therefore,
your access policy may be bypassed.
For additional information about
HTTP filtering in ISA Server 2004, visit the following Microsoft Web site:
For additional information about how to configure access rules in
ISA Server 2004, see the
ISA Server 2004 Configuration Guide. To obtain this guide, visit the following Microsoft Web site:
The
third-party products that this article discusses are manufactured by companies
that are independent of Microsoft. Microsoft makes no warranty, implied or
otherwise, regarding the performance or reliability of these products.