KBI 310274 Argent Defender Not Detecting HTTP Errors
Version
All
Date
16 Nov 2011
Summary
Argent Defender does not seem to detect HTTP errors (e.g. HTTP 401, HTTP 500)
A network capture program proves that an HTTP error code is indeed being returned
Technical Background
When IE requests a page that does not exist or is not authorized to view, two situations can happen depending on how web server is configured:
1. No special configuration is done at server side, HTTP error codes like 401, 403, 404, 500 are returned to IE. Argent Defender can detect this.
2. Web server is configured to return a pre-configured, custom or default error page. In this case, in the eye of Argent Defender, a normal page is returned. The HTTP code is 200 and no error is detected
Resolution
To detect this kind of configuration, we need to use the keyword ‘TestStringExist’ or ‘ElementExist’ to identify the error page.
Sample Script:
Navigate "http://127.0.0.1/Argent_Commander/enterprise.asp" If TestStringExist("Unauthorized", bIgnoreCase, bUseInnerText) then FireAlert "Unauthorized Access - Login Error", "compare_string" End If