Endpoint Protection clients not protected by Web Security Service through Web Traffic Redirection
Last Updated June 25, 2019
On computers using the Symantec Endpoint Protection (SEP) client Web Traffic Redirection (WTR) component configured it to use a custom PAC file hosted outside the PAC File Management System (PFMS):
When visiting http://test.threatpulse.com, the status page shows "You are not protected!"
Web Security Service (WSS) filtering rules are not applied to Web sites
This problem can happen when the internal PAC file provided to the WTR engine was created in a text editor that uses a single line feed (LF) character as a line break instead of a carriage return line feed (CRLF). The WTR engine only recognizes CRLF characters as line breaks. LF characters do not register as a new line in in the parser and generate a parsing error. The SEP WTR engine fails open when this happens, sending traffic directly instead of through the WSS.
To work around this problem, either recreate the PAC file using a text editor configured to insert CRLF characters for line breaks (such as notepad on Windows), or replace any LF (0A in Hexadecimal) characters in the PAC file with CRLF (0D0A in Hexadecimal) characters.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe