• RSS
  • Twitter
  • FaceBook

Deb Shinder Blog RSS

All Blogs  »  Deb Shinder Blog  »  News ISA Central  »  Blog article: ISA Server 2004 blocks requests that include the Accept-Encoding HTTP header when a forward proxy is used

ISA Server 2004 blocks requests that include the Accept-Encoding HTTP header when a forward proxy is used

Dall Ball, on the ISAserver.org mailing list shared an interesting problem. He noted that after installing ISA 2006 SP1, his users were starting to see errors that they hadn’t seen before. The error returned to the users’ browsers was:

  • Error Code: 502 Proxy Error. The request is not supported. (50)

It seemed like a pretty mysterious problem to me, even after checking a few lines of log files information provided by Dan. But then Dan did a packet trace on the connection and sent to Jim Harrison. Jim read the capture and said:

Do you have compression disabled?

If so, have a peek at the script in http://support.microsoft.com/?id=927263.

This script is supported for ISA 2006 after SP1.

This is a problem I wasn’t aware of! You might have the same problem as Dan if the following is true:

On a server that is running Microsoft Internet Security and Acceleration (ISA) Server 2004 with Service Pack 2, you disable the following two Web filters:

  • Compression Filter
  • Caching Compressed Content Filter

After you do this, ISA Server 2004 blocks requests that include the Accept-Encoding HTTP header when a forward proxy is used.

These Web filters were introduced in ISA Server 2004 Service Pack 2. You might disable these Web filters because of program compatibility problems that involve some Web servers.

So, if you’re seeing random 502 proxy errors with the request not being supported (50), then you should run the script found at http://support.microsoft.com/kb/927263

UPDATE:

More information on this issue from Jim Harrison:

“When compression is disabled, ISA will strip off the “Accept-encoding” header that the client sends.

This is done to prevent the web site sending compressed responses because ISA can’t apply HTTP body inspection to it.

In this case (and several others, it seems), the web site sends compressed content anyway (it’s a Sun server; waddayexpect?).

Since ISA knows it can’t process compressed HTTP bodies, it rejects it.

Adding this value causes ISA to forward the “Accept-encoding” header and when the content is delivered compressed, ISA simply sends it back to the client as-is without inspecting it.”

 

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

This entry was posted on Friday, August 15th, 2008 at 7:33 am and is filed under News, ISA Central. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

5 Responses to “ISA Server 2004 blocks requests that include the Accept-Encoding HTTP header when a forward proxy is used”

  1. hgh Says:

    August 20th, 2008 at 6:28 am

    egtret

  2. TK Says:

    October 15th, 2008 at 3:22 pm

    Thanks once again o’wise ones! Where would I be? I recently had a user say that his favorite site started spewing this error…

    We’ve been running ISA2006 fully patched and service packed for quite a while and I have NOT had any needs to make or adjust anything. So what?

    The site is www.cabelas.com

    After running the mentioned script the site magically started working again. So, should I be concerned? Do I need to run the sister script to disable it? Should I turn on the disabled compression filter?

    Thanks, Troy

  3. Website Compression: Check ISA 2004 « I did it my way Says:

    September 29th, 2009 at 3:59 am

    […] So there was something stripping it off. Bless the company firewall. Apparently ISA 2004 SP2 introduced two new filters for HTTP content, a “Compression Filter” and a “Caching Compressed Content Filter”. These were the culprits for me and I had to make sure I had ISA Server Sp3, diasable both of these filters and then use A VBScript to stop any potential 502 proxy errors. More detailed information is available from this blog entry from Thomas Shinder with links to the relevent Microsoft sections. […]

  4. Website Compression: Check ISA 2004 « I did it my way Says:

    September 30th, 2009 at 7:18 am

    […] So there was something stripping it off. Bless the company firewall. Apparently ISA 2004 SP2 introduced two new filters for HTTP content, a “Compression Filter” and a “Caching Compressed Content Filter”. These were the culprits for me and I had to make sure I had ISA Server Sp3, disable both of these filters and then use A VBScript to stop any potential 502 proxy errors. More detailed information is available from this blog entry from Thomas Shinder with links to the relevent Microsoft sections. […]

  5. Download Annalise Says:

    February 7th, 2011 at 5:00 am

    At least 6 or 7 thousands visitors at your weblog now, nice results for single website.

Leave a Reply


Receive all the latest articles by email!

Receive Real-Time & Monthly ISAserver.org article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become an ISAserver.org member!

Discuss your ISA Server issues with thousands of other ISA Server experts. Click here to join!