Cisco Cisco Web Security Appliance S390 Betriebsanweisung

The Web Proxy can be configured to redirect all HTTP end-user notification pages to a specific URL 
that you specify. 

By default, AsyncOS redirects all blocked websites to the URL regardless of the reason why it blocked 
the original page. However, AsyncOS also passes parameters as a query string appended to the redirect 
URL so you can ensure that the user sees a unique page explaining the reason for the block. For more 
information on the included parameters, see 

.

When you want the user to view a different page for each reason for a blocked website, construct a CGI 
script on the web server that can parse the query string in the redirect URL. Then the server can perform 
a second redirect to an appropriate page. 

You can use any HTTP or HTTPS URL.

The URL may specify a specific port number.

The URL may not have any arguments after the question mark.

The URL must contain a well-formed hostname.

For example, if you have the following URL entered in the Redirect to Custom URL field: 

http://www.example.com/eun.policy.html

 

And you have the following access log entry: 

Then AsyncOS creates the following redirected URL: 

AsyncOS passes the parameters to the web server as standard URL Parameters in the HTTP GET request. 
It uses the following format:

<notification_page_url>?param1=value1&param2=value2

 

1182468145.492 1 172.17.0.8 TCP_DENIED/403 3146 GET http://www.espn.com/index.html 

HTTP/1.1 - NONE/- - BLOCK_WEBCAT-DefaultGroup-DefaultGroup-NONE-NONE-DefaultRouting 

<IW_sprt,-,-,-,-,-,-,-,-,-,-,-,-,-,-,IW_sprt,-> -

http://www.example.com/eun.policy.html?Time=21/Jun/

2007:23:22:25%20%2B0000&ID=0000000004&Client_IP=172.17.0.8&User=-

&Site=www.espn.com&URI=index.html&Status_Code=403&Decision_Tag=

BLOCK_WEBCAT-DefaultGroup-DefaultGroup-NONE-NONE-DefaultRouting

&URL_Cat=Sports%20and%20Recreation&WBRS=-&DVS_Verdict=-&

DVS_ThreatName=-&Reauth_URL=-