Content stripping

Threats to your system can be hiding in active content sent via web pages. Active content is content that is embedded in the HTML page that performs actions, such as running an animation or a program.

The content stripping options make it possible to specify that content in particular scripting languages (ActiveX, JavaScript, or VB Script) be stripped from incoming web pages. If content stripping is enabled, all content in the specified scripting languages is removed from sites flagged as containing dynamic content or appearing on the Always Scan list (see Configuring Content Gateway analysis).

Content is removed only after the advanced analysis options have categorized the site and Filtering Service has determined which policy applies.

Warning: Web pages that rely on active content that has been stripped do not function as expected. To permit full access to sites that require active content, disable content stripping or add the sites to the Never Scan list.

The user requesting a page with active content does not receive any notification that content has been removed.

Use the Settings > Scanning > Scanning Options > Advanced Options area to set content stripping options.

Steps

  1. In the Advanced Options > Content Stripping area, select the types of scripting languages to be removed from incoming web pages.
    To disable content stripping for a selected language, clear the associated check box.
  2. When you are finished, click OK to cache your changes. Changes are not implemented until you click Save and Deploy.
    Warning: Content stripping can result in some content being garbled and unreadable. You can reduce the number of such occurrences by making a small change to the Content Gateway configuration.
    1. Open the Content Gateway manager and go to the Configure > Protocols > HTTP > Privacy tab.
    2. In the Remove Headers > Remove Others field, add: Accept-Encoding
    3. Click Apply and restart Content Gateway.