Release Notes › Known Issues › Tracking ID 644-33: Internet Explorer Agent Limitations

Tracking ID 644-33: Internet Explorer Agent Limitations

This section describes various enhancements and known issues affecting the Internet Explorer (IE) endpoint agent in the current CA DataMinder release.

Supported Web 2.0 Applications

The IE agent now supports the following Web 2.0 applications:

• Excite Mail
• Facebook
• Gmail
• LinkedIn
• Salesforce.com
• Twitter
• Windows Live Mail (Hotmail)

Note: The agent may support other Web 2.0 applications but they have not been tested.

Known limitations

• Some web sites allow users to search by entering key words or phrases. The IE agent may not always detect these submitted search terms.

  Note: While we do not consider this limitation to constitute data loss, we may fix this limitation in a future CA DataMinder release.

• Web 2.0 applications blur the distinction between submitted data and file uploads. Consequently, web triggers may fire unexpectedly. This issue affects the Submitted Text, Submitted Credit Card, and File Upload web triggers. For example, a File Upload trigger may fire instead of a Submitted Text trigger.

  To avoid this problem, we recommend that you do one of the following:

  • Configure the three trigger types to all detect the same data.
  • Use a single Document Classifier web trigger to detect the same data.

  Note: We may remove these web trigger types in a future CA DataMinder release.

• Some Web 2.0 applications (for example, Google Docs) use proprietary ActiveX controls or Adobe Flash controls to send data to the web server in an application-specific format. This data is also sometimes encoded.

  The IE agent does not support these Web 2.0 applications. To prevent data loss, we recommend that you set up URL web triggers to block these applications.

  Note: You can now block individual Flash controls from loading by setting values in the BlockedObjectURLs registry key (see below).

• Recent performance improvements to the Data Management console mean that it may fail to display captured web events with full fidelity.

  Note: This limitation does not affect the iConsole, which only displays submitted data and file uploads.

• When CA DataMinder intercepts and blocks a web request, the web application (which typically uses client-side javascript) is responsible for handling the request failure. However, web applications vary in the quality of their failure-handling. In particular, some web applications may re-issue a blocked web request multiple times. This behavior can result in multiple CA DataMinder intervention dialogs. On rare occasions, this behavior can even cause Internet Explorer to hang.

CA DataMinder Configuration Tips

'Excluded Web Site' Policy Setting

The Excluded Web Sites setting in the user policy setting allows you to exclude specific web sites from policy processing. Specifically, this setting lets you prevent triggers firing when users visit trusted web sites. However, since this setting was introduced in the earliest CA DataMinder releases, emerging web technologies have undermined its effectiveness.

To fix this problem, the Excluded Web Sites setting has been enhanced to also exclude data submissions to Web 2.0 applications that use AJAX technologies. This enhancement is particularly important if you need to exclude certain webmail and social networking sites from policy.

Previously, the IE agent mishandled data submitted to exclude web applications that used AJAX technologies. As a result, CA DataMinder allowed users to visit these excluded web sites but then, unintentionally, applied to policy to data (such as comments) submitted by users to these sites. Now the Excluded Web Sites setting correctly excludes all associated data submissions when a user visits an excluded web site.

Note: Find the Excluded Web Sites setting in the System Settings policy folder.

BlockedObjectURLs Registry Key

A new registry key, BlockedObjectURLs, is available to you to specify object URLs that you want to block (for example, Flash controls).

The full registry path is:

HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\CA DataMinder
  \CurrentVersion\Browser\BlockedObjectURLs 

On 64-bit computers running the 32-bit version of Internet Explorer, the registry path is:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ComputerAssociates\CA DataMinder
  \CurrentVersion\Browser\BlockedObjectURLs

To specify a blocked object URL:

1. Add a new string registry value to the BlockedObjectURLs registry key.
2. Give the new value an appropriate name.
3. Set the data for the new registry value to be the URL of the blocked object. The URL can include * wildcards.