This article applies to:
Symptoms:
- Created a Standard rule that includes a file size condition
- The condition returns false, regardless of file size
- This issue happens with only a few servers or when WebMarshal is forwarding requests through another proxy
- The affected sites or other proxy support HTTP compression
Causes:
- Standard rule file size conditions depend on size information provided by the remote server in response headers.
- When a site or proxy uses HTTP compression, the file size might not be sent in headers because the headers are sent before compression is complete.
- In this case WebMarshal returns "false" for all file size conditions.
Resolution:
To resolve this issue simply, use file size conditions only in Content Analysis rules. These rules are run after content is downloaded, and the size of the data is known.
However, this simple resolution does not allow early blocking of files by size, if the size is actually reported in the headers.
You can create a set of Standard rules to use file size information if it is available, as follows:
- In Standard rules, create a rule that uses the file size condition (and any other conditions required).
- Immediately below this rule, create a new rule container. The conditions for the container should include all of the rule's conditions except for the file size condition.
- Create a rule inside the container. This rule should have the converse of the file size condition only (if the original condition is "less than" then this rule should have a condition "greater than"), and an action of "Skip any remaining rules in this container".
- Create a second rule inside the container. This should match any request, and should have the same actions as the problematic rule (allowing, or blocking, the download).
- Create a Content Analysis Rule that matches the rule in step 1.
The key to this method is the rule in step 3. When the file size is not reported, it will never match either "greater than" or "less than" a particular size.
If the file size is reported and matches the condition, the rule from step 4 is skipped and rule processing carries on as before. If the size is not reported, or is reported and does not match, the rule from step 4 is executed.
Example rules:
The following rules demonstrate the resolution described above:
Standard Rules:
Rule: Permit downloads from Trusted Download sites
When a web request is received for download
For any users
And where the URL is a member of Trusted Download Sites
And where the transferred data size is Less than 10240 KB
Permit access
And do not process any further standard rules
[Trusted Download Sites Size Container]
When a web request is received for download
For any users
And where the URL is a member of Trusted Download Sites
Process rules in this container
Rule: File Size check - was any size reported?
When a web request is received
For any users
And where addressed to any URL
And where the transferred data size is Greater than 10240 KB
Skip any remaining rules in this container
Rule: Do not block if file size not reported
When a web request is received
For any users
And where addressed to any URL
Permit access
And do not process any further standard rules
Content Analysis Rule:
Rule: Permit downloads from Trusted Download sites
When a web request is received for download
For any users
And where the URL is a member of Trusted Download Sites
And where the transferred data size is Less than 10240 KB
Permit access
And do not process any further content analysis rules