~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Evan Mann" <emann (at) pinnaclefinancial (dot) com [email concealed]>
Subject: Allowing site redirection with URLScan
: I have several websites that my developers call
: "cookie cutters". The main URL for the website will launch
: an ASP that calls resources on an second website and
: return info to the requesting site that is specific
: to that site.
:
: URLScan doesn't want to allow this behavior.
: Can URLscan be configured to allow this type of
: behavior? Or can I just entirely whitelist these
: select sites from URLscan?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
What exactly are you doing that URLScan is not letting you do?
OTOH the only thing I can think of is that URLScan is blocking all .ASP
pages from being served, in which case the idea of whitelisting something is
not what you want...
Cheers
Ken
------------------------------------------------------------------------
---
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
and use priority code SF4.
------------------------------------------------------------------------
---
From: "Evan Mann" <emann (at) pinnaclefinancial (dot) com [email concealed]>
Subject: Allowing site redirection with URLScan
: I have several websites that my developers call
: "cookie cutters". The main URL for the website will launch
: an ASP that calls resources on an second website and
: return info to the requesting site that is specific
: to that site.
:
: URLScan doesn't want to allow this behavior.
: Can URLscan be configured to allow this type of
: behavior? Or can I just entirely whitelist these
: select sites from URLscan?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
What exactly are you doing that URLScan is not letting you do?
OTOH the only thing I can think of is that URLScan is blocking all .ASP
pages from being served, in which case the idea of whitelisting something is
not what you want...
Cheers
Ken
------------------------------------------------------------------------
---
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
and use priority code SF4.
------------------------------------------------------------------------
---
[ reply ]