Is it possible to do coaching for more than one criteria in a single session?
Is there a way to invoke a notification page without using coaching?
With coaching, do the coaching settings only apply to time/volume?
With PD Storage, do the settings only apply to timeout values?
When a web site with a problematic certificate is accessed, I want to put up a notification page that explains what the problem is and offer the option to accept the risk and click through.
I am currently doing this via a combo of coaching and PD Storage. I'm only using the coaching portion to provide the click through web page so if there's a way to present a warning page that doesn't need a coaching activation, that would be acceptable as well.
Using the same methodology, I am also testing options for providing a notification page for sites that are uncategorized and have an unverified reputation.
Individually, each rule set seems to work, but when both criteria hit, I'm running into a problem. I may be stepping on myself in unexpected ways.
The general logic is this:
- If SSL site and certificate meets certain criteria (self-signed, for example), Block and provide reason for block. Block page has option to Continue. Continue = $Quota.Coaching.JS.ActivateSession$.
- When the Continue option is selected, that will trigger a rule higher up that has criteria Quota.Coaching.IsActivationRequest.Strict<Bad Cert> equals true and the action on that is Redirect to the original URL. At that point, I add Event: PDStorage.AddUserData.String(String.Concat("BADCERT-",URL.Host),SSL.Server.Cert ificate.SHA1Digest<Certs>
- When the connection continues, it will then pass through the Block rule because I'm checking for the PDStorage value. (It seems also necessary to invoke Quota.Coaching.SessionExceeded in some manner in order for the entire coaching option to work so at this point I also check for SessionExceeded equals true OR SessionExceeded equals false -- one of the two will be true)
- The next rule it will hit is a rule that checks for the PD Storage value -- if the value exists, Stop Rule Set occurs.
Trying to use the same sort of methodology for sites that are uncategorized and have no reputation. For those, I write a PD Storage value of (String.Concat("UNCAT-",URL.Host) and the coaching rules are similar. One slight difference for these is that if the Block page is hit, I write "BLOCKED" to PD Storage and when the coaching is accepted, I write ACCEPTED to PD Storage.
Currently, coaching for self-signed certificate for a site works. Coaching for an uncategorized and unverified site works. However, when presented with a site that has both a certificate issue and is uncategorized/unverified, I'm running into problems . My best guess right now is that I'm running across something where the coaching activation is triggering on the wrong rule set, but I haven't had the time to fully break it down and test it so any advice is appreciated.