An ISA Server 2006 Web Proxy client receives error code 502 when a user tries to visit certain Web sites

Article translations Article translations
Article ID: 935693 - View products that this article applies to.
Expand all | Collapse all

On This Page


Consider the following scenario. A computer is configured as a Microsoft Internet Security and Acceleration (ISA) Server 2006 Web Proxy client. A user on this client computer tries to visit certain Web sites. In this scenario, the user receives the following error page:
The page cannot be displayed

There is a problem with the page you are trying to reach and it cannot be displayed.

Technical Information (for support personnel)
Error Code: 502 Proxy Error.
The HTTP message includes an unsupported header or an unsupported combination of headers. (12156)
Additionally, you experience the following symptoms:
  • If you perform a network trace of the HTTP traffic, you capture an HTTP header that begins with a space.
  • If you use ISA Server Monitoring to log the HTTP traffic, the following error information is logged:
    ERROR:Multi line header - unsupported.


This problem occurs if a Web server response contains an HTTP header that begins with a space or with a TAB character.


A hotfix is available for computers that are running ISA Server 2006. To resolve this problem, install the hotfix that is described in the following Microsoft Knowledge Base article:
935882 Description of the ISA Server 2006 hotfix package that is dated April 19, 2007

Hotfix installation information

By default, this hotfix is not automatically enabled. To have us enable this hotfix for you, go to the "Fix it for me" section. If you’d rather enable this hotfix yourself, go to the "Let me fix it myself" section.

Fix it for me

To enable this hotfix automatically, click the  Fix this problem link. Then, click Run in the File Download dialog box and follow the steps in this wizard.

Fix this problem
Microsoft Fix it 50477

Note this wizard may be in English only; however, the automatic fix also works for other language versions of Windows.

Note If you are not on the computer that has the problem, you can save the automatic fix to a flash drive or to a CD so that you can run it on the computer that has the problem.

Let me fix it myself

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows
 To enable this hotfix yourself, start Registry Editor, and then configure the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAT\Stingray\Debug\Web Filters

Value type: REG_DWORD
Value data: 1
You can also configure this registry entry by using a .reg file. To do this, paste the following code into a text file that has a .reg file-name extension.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAT\Stingray\Debug\Web Filters] 
After you configure this registry entry, ISA Server 2006 removes any HTTP headers that begin with a space or with a TAB character. Then, ISA Server 2006 forwards the response to the client computer.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More information

Trace information

When this problem occurs, you may capture trace information that resembles the following:
Http: Response, HTTP/1.1, Status Code = 200
    ProtocolVersion: HTTP/1.1
    StatusCode: 200, Ok
    Reason: OK
    Server:  Microsoft-IIS/5.0
    Date:  <date> <time>
     :  ASP.NET                   <---------------- This header begins with a space
    XPoweredBy:  ASP.NET
    Set-Cookie:  SITESERVER=ID=<ID string>; expires=<day>, <date> <time> GMT; path=/;
    Expires:  <day>, <date> <time> GMT
    ContentLength:  73313
    ContentType:  text/html
    Cache-control:  private
    HeaderEnd: CRLF


Article ID: 935693 - Last Review: June 21, 2014 - Revision: 4.0
Applies to
  • Microsoft Internet Security and Acceleration Server 2006 Standard Edition
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
  • Microsoft Forefront Threat Management Gateway, Medium Business Edition
kberrmsg kbfirewall kbtshoot kbfix kbbug kbprb kbfixme kbmsifixme KB935693

Give Feedback


Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from