Error 500 while trying to access some parts of the CRM 4 Web Site Published through ISA Server 2006

This short post is about an issue that I worked a couple of weeks ago about publishing CRM through ISA Server. The admin had followed the post that I wrote on how to publish CRM through ISA Server 2006 and most of the things within CRM web sites were working fine. The problem is was externalized when he was trying to do a certain operation and got the following error on IE: Error Code: 500 Internal Server Error.

By using diagnostic logging it was possible to see that when ISA HTTP Filter evaluates the request, it triggers the error. The request (HTTP GET) was:

/activities/email/edit.aspx?pId={80BB5777-ED93-DE11-8C2A-0003FFCE4329}&pType=112&pName=Fluxo%20de%20Caixa%20-%20CIT&partyid={FD5E1DA2-9E85-DD11-AD2C-0003FFCE4329}&partytype=2&partyname=M%C3%A1rio%20Falcheti%20SenorSolicitante&partyaddressused=&contactInfo=', Context:216E1B6C

ISA Server diagnostic logging shows: The request was rejected by the HTTP Security filter.

The solution was disabling Block high-bit characters from the HTTP Filter. As KB837865 says:

“When you configure HTTP filtering to block high-bit characters, URLs that contain characters from a double-byte character set (DBCS) or URLs that contain Latin 1 characters are blocked. This configuration may affect scenarios such as OWA publishing or Microsoft SharePoint Portal Server publishing. Additionally, this configuration may affect any scenario where a GET request passes a parameter that includes a character from a double-byte character set.”

Although this is a known issue, sometimes administrators out there think that this only applies to OWA or SharePoint Publishing rule, which is not true. This setting can affect any web site publishing rule that has such condition.