Responder/Rewrite/ContentSwitching Advanced policies does not evaluate Nordic Language Characters

book

Article ID: CTX239538

calendar_today

Updated On:

Description

No Policy actions are taken when Nordic characters are used in HOST field.

Sample config:
add responder policy test-responder-utf-policy-Host "HTTP.REQ.HOSTNAME.SET_CHAR_SET(UTF_8).CONTAINS(\"ä\") " test-responser-utf-action

No Policy hits are observed.

Resolution

Currently this is working as per design. We have raised an Enhancement request (718434) to support PunyCode decoding for Advanced Policy Expressions.

Problem Cause

Browser converts the Nordic characters in HOST field to PunyCode format. Please see below:

Traces are for 'http://ä.com'

    GET / HTTP/1.1\r\n
    Host: xn--4ca.com\r\n
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:63.0) Gecko/20100101 Firefox/63.0\r\n
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
    Accept-Language: en,sv-SE;q=0.7,de-DE;q=0.3\r\n
    Accept-Encoding: gzip, deflate\r\n
    DNT: 1\r\n
    Connection: keep-alive\r\n
    Upgrade-Insecure-Requests: 1\r\n
    \r\n
    [Full request URI: http://xn--4ca.com/]
    [HTTP request 1/1]

Citrix ADC Policy Engine only supports UTF-8 Format. There is no support for PunyCode yet.

The advanced expressions work for URL's as Browser encodes the Nordic characters in UTF-8 format when used in a URL.
Please see below:

Traces are for 'http://lb.repro.lab/ä'

    GET /%C3%A4 HTTP/1.1\r\n
    Host: lb.repro.lab\r\n
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:63.0) Gecko/20100101 Firefox/63.0\r\n
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
    Accept-Language: en,sv-SE;q=0.7,de-DE;q=0.3\r\n
    Accept-Encoding: gzip, deflate\r\n
    DNT: 1\r\n
    Connection: keep-alive\r\n
    Upgrade-Insecure-Requests: 1\r\n
    \r\n
    [Full request URI: http://lb.repro.lab/%C3%A4]
    [HTTP request 1/1]

Issue/Introduction

This is applicable only to Advanced policies using Nordic Characters in HOST field. Policies are evaluated correctly when these characters are used in URL's

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"