ProxySG unable to issue Notify User page when the user download image file. The Notify User page is displayed when the user accessing the main website, However, the Notify User page will be failed when try to match the image component on the website.
1. This is the condition to notify user
define condition __NotifyUser_should_notify
condition=__is_notifiable \
condition=!__is_notify_internal \
request.header.Cookie=!'notified-NotifyUser=1'
end
2. Lets drill down further to __is_notifiable condition
define condition __is_notifiable
http.method=GET url.scheme=(http, https) request.header.User-Agent="^(Mozilla|Opera)" request.header.Range=!"" request.header.If-Range=!"" http.response.code=200 response.header.Content-Type="text/html"
end
As per condition above, in order for the proxy to issue the notify page, the http request and http response MUST match all requirements above. However, the request made towards https://www.symantec.com/content/en/us/enterprise/images/theme/ssl-information-center/images/what-is-ssl-2.png will not match the last requirement, which is response.header.Content-Type="text/html" since this is image request instead of html.
As a result, the policy will not be matching.
Example:
Notify user policy rule will match when accessing https://www.symantec.com however, the rule is not matching when the user directly access https://www.symantec.com/content/en/us/enterprise/images/theme/ssl-information-center/images/what-is-ssl-2.png.
In order for the proxy to issue the notify page, the http(s) request and response MUST match all conditions below:
1. The HTTP Method must be GET
2. The url.scheme must be http or https
3. The user-Agent header must be begin with Mozilla or Opera
4. The request.header.Range and request.header.If-Range (if exist) =!"" (must not be blank)
5. The http response code must be 200
6. The response header header.Content-Type must be in "text/html"
The "__is_notifiable" condition is hard-coded in the proxy SGOS and it cannot be changed.