Enabling Enhanced Scanning of the Kaspersky would come up ICAP error for the non-UTF8 characters with using Internet Explorer.

TECH255700
Last Updated August 06, 2019
Copy Article Title/URL
Feedback
Subscribe

There is one of a special feature in Kaspersky called "Enhanced Scanning". When it is enabled ( default disabled) and customer uses IE11, CAS would return ICAP error.

This is for an example on Japanese language: Bellow link is the URL for "Click here", and actual URL is: http://10.106.18.200/test/run-script?parm=テスト.html.  
Query strings consist of non-UTF8 characters. Then SG returns ICAP Error ( see error message section )

This is expected because Kaspersky with Enhanced Scanning option can not support non-UTF8 characters.

Looking at Encoded Characters. This is Japanese (Shift-Jis), therfore it's non-UTF8.

 

Here is a condition 

Configure CAS kaspersky with Enhanced Scanning enabled. (disabled by default)

On IE configuration. Send UTF-8 query strings for ... option is disabled as default settings.

 

We have confirmed that this is in fact behavior of the IE browser. IE does not send UTF-8 query strings for non-Intranet URLs as default settings. Kaspersky Enhanced Scanning scans the query Strings which is included the query strings. If the query strings contain non-UTF8 characters, Kaspersky stop scanning with error as expected. After enabling "Sends UTF-8 query strings for non-Intranet URLs", the issue can be resolved, or disable Enhanced Scanning.

Chrome, Fire Fox never have such limitation because they always send the query with UTF8 character.

Please note: Most of Web pages in the world have been published with UTF8 code, and that will not happen the issue, beause query strings are already encoded to UTF8. However, few of rest of web sites are still using local language code, such as Kor, Jpn.., then this happens.

 

We have two solutions: We can take either one.

1. Disable "Enhanced Scanning". Disabled as default.

2. Enable "Send UTF-8 query strings for non-Intranet URLs" and "Send UTF-8 query strings for Intranet URLs".   

Thanks for your feedback. Let us know if you have additional comments below. (requires login)

    © 1995-2019 Symantec Corporation