cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Usercheck - special char in variable value breaks href

Hello everyone,

Customizing Anti-bot Blocked Usercheck. HTML coding below.  I am triggering the anti-bot check by going to the Checkpoint testing URL. I get the Usercheck page but having some issues. I created a hyperlink that will build an email response (href="mailto:). My href seems to break when I add the $orig_url$ or $activity$ variable. On my blocked page I either get a broken link display text from the line, or the body stop dispalying the rest of the variable value, from what I guess, is a special character. The href below is the ultimate goal but variables orig_url and activity are giving me grief. They however display fine on the blocked page.  Has anybody come across this issue?

<SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?>
<P><SPAN style="FONT-FAMILY: " FONT-SIZE: Arial?,?sans-serif?; 10pt?>Your computer is possibly trying to access a malicious server<SPAN style="COLOR: #1f497d"><FONT color=#000000>. It may be infected by malware.</FONT></SPAN></SPAN><SPAN class=smartcontrol1><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt? COLOR: windowtext;><?xml:namespace prefix = "o" ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p></SPAN></SPAN></P>
<P><SPAN style="FONT-FAMILY: " FONT-SIZE: Arial?,?sans-serif?; 10pt?> </SPAN></P>
<P><SPAN style="FONT-FAMILY: " FONT-SIZE: Arial?,?sans-serif?; 10pt?></SPAN></P>
<P><A href="mailto:email@domain.ca&amp;subject=Possible%20malicious%20bot%20activity&amp;body=Workstation%20IP:%... here to send email notification to Service Desk</A></P>
<P><SPAN style="FONT-FAMILY: ?></SPAN></P>&#13;&#10;<P><SPAN style=" FONT-SIZE: Arial?,?sans-serif?; 10pt? ? FONT-FAMILY:></SPAN></P><SPAN style="FONT-FAMILY: " FONT-SIZE: Arial?,?sans-serif?; 10pt?><o:p>
<P> </P>
<P> </P>
<P>Activity: <SPAN id=activity class="smartField activity" contentEditable="false" UNSELECTABLE="on">Activity</SPAN></P></o:p></SPAN>
<P></SPAN></P>
<P><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?></SPAN></SPAN></SPAN></P>
<P><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?></SPAN></SPAN></SPAN></P>
<P><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?></SPAN></SPAN></SPAN></P>
<P></P>
<P><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?>URL: <SPAN id=orig_url class="smartField orig_url" contentEditable="false" UNSELECTABLE="on">Original URL</SPAN></SPAN></SPAN></SPAN></P>
<P><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?><SPAN style="FONT-FAMILY: " Calibri?,?sans-serif?; FONT-SIZE: 11pt?> </SPAN></SPAN></SPAN></P>

0 Kudos
3 Replies
Admin
Admin

Re: Usercheck - special char in variable value breaks href

My guess is that this is a bug that needs to be brought through the TAC for further investigation.

Contact Support | Check Point Software 

0 Kudos

Re: Usercheck - special char in variable value breaks href

I had the same problem, the issue happens when you copy and past the suggestion from CP into the usercheck text mode field: It converts the & (ampersand symbol) into &amp; 

You just need to replace these five letters back to the ampersand

0 Kudos
Highlighted

Re: Usercheck - special char in variable value breaks href

Hi there,

Thought I had updated this but apparently not.

Did open a call with TAC and R&D confirmed a bug and provided a hotfix as well as SK124073. Confirmed that it works in our environment.