URL filtering response pages display messages and other
content when users attempt to browse sites in categories with block
actions or container pages enabled.
The firewall provides three predefined response pages
that display by default when a user attempts to browse to a site
in a category that is configured with one of the block actions in
the URL Filtering profile (block, continue, or override) or when Container
Pages is enabled:
URL Filtering and Category Match Block Page
Access
blocked by a URL Filtering profile or because the URL category is
blocked by a Security policy rule.
URL Filtering Continue and Override Page
Page
with initial block policy that allows users to bypass the block
by clicking Continue. With URL Admin Override
enabled, (Allow
Password Access to Certain Sites), after clicking Continue,
the user must supply a password to override the policy that blocks
the URL.
URL Filtering Safe Search Block Page
Access
blocked by a Security policy rule with a URL Filtering profile that
has the Safe Search Enforcement option enabled (see Safe
Search Enforcement). The user will see this page if a search
is performed using Google, Bing, Yahoo, or Yandex and their browser
or search engine account setting for Safe Search is not set to strict.
Anti Phishing
Block Page
This page displays to users when they attempt
to enter corporate credentials (usernames or passwords) on a web
page in a category for which credential submissions are blocked.
The user can continue to access the site but remains unable to submit
valid corporate credentials to any associated web forms. To control
the sites to which users can submit corporate credentials, the firewall
must be configured with User-ID and enabled to prevent
credential phishing based on URL category.
Anti Phishing
Continue Page
This page warns users against submitting
credentials (usernames and passwords) to a web site. Warning users
against submitting credentials can help to discourage them from
reusing corporate credentials and to educate them about possible
phishing attempts. They must select Continue to proceed to credentials
on the site. To control the sites to which users can submit corporate
credentials, the firewall must be configured with User-ID and enabled
to prevent
credential phishing based on URL category.
The firewall replaces the variable with
the username (if available via User-ID) or IP address of the user
when displaying the response page.
<url/>
The firewall replaces the variable with
the requested URL when displaying the response page.
<category/>
The firewall replaces the variable with
the URL filtering category of the blocked request.
<pan_form/>
HTML code for displaying the Continue button
on the URL Filtering Continue and Override page.
You can also add code that triggers the firewall to display different
messages depending on what URL category the user is attempting to
access. For example, the following code snippet from a response
page specifies to display Message 1 if the URL category is games,
Message 2 if the category is travel, or Message 3 if the category
is kids:
var cat = "<category/>";
switch(cat)
{
case 'games':
document.getElementById("warningText").innerHTML = "Message 1";
break;
case 'travel':
document.getElementById("warningText").innerHTML = "Message 2";
break;
case 'kids':
document.getElementById("warningText").innerHTML = "Message 3";
break;
}
Only a single HTML page can be loaded into each virtual system
for each type of block page. However, other resources such as images,
sounds, and cascading style sheets (CSS files) can be loaded from
other servers at the time the response page is displayed in the
browser. All references must include a fully qualified URL.