HTML BASE HREF tags
You can use the preserve-base-href and the preserve-base-href2 entries in the [server] stanza to control how WebSEAL handles the HREF attributes of HTML BASE tags in filtered HTML documents.
When preserve-base-href is set to "no", the following statements apply:
- WebSEAL removes the BASE HREF attributes from filtered HTML documents.
- When the BASE HREF URL matches a junctioned server, WebSEAL prepends the junction point, and any subdirectories, to server-relative and relative links found on the page.
- When the BASE HREF URL does not match a junctioned server, WebSEAL prepends the entire BASE HREF URL attribute to server-relative and relative links on the page. This action is exactly what the browser does when it renders HTML.
Example 1 (BASE HREF matches a junctioned server)
- WebSEAL server: www.webseal.com
- The following junction was created:
server task webseal-server create -tcp -h www.example.com /jct
HTML before filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.example.com/dir1/dir2/">
</HEAD>
<BODY>
<A HREF="index.html">index.html</A>
</BODY>
</HTML>
HTML after filtering:
<HTML>
<HEAD>
<BASE>
</HEAD>
<BODY>
<A HREF="/jct/dir1/dir2/index.html">index.html</A>
</BODY>
</HTML>
Example 2 (BASE HREF does not match a junctioned server)
- WebSEAL server: www.webseal.com
- The following junction was created:
server task webseal-server create -tcp -h www.example.com /jct
HTML before filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.example2.com/dir1/dir2/">
</HEAD>
<BODY>
<A HREF="index.html">index.html</A>
</BODY>
</HTML>
HTML after filtering:
<HTML>
<HEAD>
<BASE>
</HEAD>
<BODY>
<A HREF="http://www.example2.com/dir1/dir2/index.html">index.html</A>
</BODY>
</HTML>
When preserve-base-href is set to "yes", the following statements apply:
- WebSEAL does not remove the BASE HREF attributes from filtered HTML documents.
- When the BASE HREF URL matches a junctioned server, WebSEAL modifies the BASE HREF URL. WebSEAL replaces the name of the junctioned server with the WebSEAL server name, plus the junction point of the junctioned server. When the browser renders the HTML, and prepends the modified HREF URL to server-relative and relative links, the resulting links can find the resources.
- When the BASE HREF URL does not match a junctioned server, WebSEAL does not modify the HTML. When the browser renders the HTML, and prepends the original HREF URLs to server-relative and relative links, the resulting links can find the resources.
- When WebSEAL filters
an HTML document with a BASE HREF tag, WebSEAL
does not preserve the original escaping or encoding of the URL if
it contains:
- URI encoding
- Escaped slashes
- Special character encoding
Example 3 (URI Encoded, slash-escaped and Special Character URLS)
- WebSEAL server: www.webseal.com
- The following junction was created:
server task webseal-server create -tcp -h www.example.com /jct
HTML before filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.example2.com/dir1/">
</HEAD>
<BODY>
<A HREF="dir2%2Findex.html">index.html</A>
<A HREF="dir2\/contents.html">contents.html</A>
<A HREF="dir2/index2.html">index2.html</A>
</BODY>
</HTML>
HTML after filtering:
<HTML>
<HEAD>
<BASE>
</HEAD>
<BODY>
<A HREF="http://www.example2.com/dir1/dir2/index.html">index.html</A>
<A HREF="http://www.example2.com/dir1/dir2/contents.html">contents.html</A>
<A HREF="http://www.example2.com/dir1/dir2/index2.html">index2.html</A>
</BODY>
</HTML>
Example 4 (BASE HREF matches a junctioned server)
- WebSEAL server: www.webseal.com
- The following junction was created:
server task webseal-server create -tcp -h www.example.com /jct
HTML before filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.example.com/dir1/dir2/">
</HEAD>
<BODY>
<A HREF="index.html">index.html</A>
</BODY>
</HTML>
HTML after filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.webseal.com/jct/dir1/dir2/">
</HEAD>
<BODY>
<A HREF="index.html">index.html</A>
</BODY>
</HTML>
Example 5 (BASE HREF does not match a junctioned server)
- WebSEAL server: www.webseal.com
- The following junction was created:
server task webseal-server create -tcp -h www.example.com /jct
HTML before filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.example2.com/dir1/dir2/">
</HEAD>
<BODY>
<A HREF="index.html">index.html</A>
</BODY>
</HTML>
HTML after filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.example2.com/dir1/dir2/">
</HEAD>
<BODY>
<A HREF="index.html">index.html</A>
</BODY>
</HTML>
Example 6 (URI Encoded, slash-escaped and Special Character URLs)
- WebSEAL server: www.webseal.com
- The following junction was created:
server task webseal-server create -tcp -h www.example.com /jct
HTML before filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.example.com/dir1/">
</HEAD>
<BODY>
<A HREF="dir2%2Findex.html">index.html</A>
<A HREF="dir2\/contents.html">contents.html</A>
<A HREF="dir2/index2.html">index2.html</A>
</BODY>
</HTML>
HTML after filtering:
<HTML>
<HEAD>
<BASE HREF="http://www.webseal.com/jct/dir1/">
</HEAD>
<BODY>
<A HREF="dir2/index.html">index.html</A>
<A HREF="dir2/contents.html">contents.html</A>
<A HREF="dir2/index2.html">index2.html</A>
</BODY>
</HTML>