OWA: Blocking Microsoft Internet Explorer

Internet explorer has a leak, and now you don’t trust it for people to logon to your OWA. (Outlook Web Access).
You may want to block OWA to be used with Internet Explorer.

To achieve this, I did the following:

I changed logon.aspx in the ClientAccess\Owa\auth diretory on the OWA server. I added these 5 lines as the first 5 lines of the logon.aspx page.

<script language="JavaScript" type="text/JavaScript">

if (navigator.appName == "Microsoft Internet Explorer") { 
  document.location = "https://webmail.yourdomain.com/owa/auth/ie_reject.aspx"; 
};

</script>

Basically, this points any browser that advertises itself as Microsoft Internet Explorer to the page: ie_reject.aspx (in the same directory ‘auth’ ).

This page has a picture on it called iewarning.jpg, that you also place in the same directory ‘auth’.

The page contains code that looks like this: ie_reject.aspx

The iewarning.jpg looked something like this.

example-owa

example-owa

People are given the chance to click the links and download and install a safer browser, while giving a feel of what used to be the normal OWA page.

For the looks I just slapped in the logo and text as an image for mozilla and chrome:

Hope this helps you.

Update:

IE 11 didn’t get detected, Microsoft has changed user agent string in IE11, so you should use the following javascript code instead:

( so, forget those 5 lines as the first 5 lines in logon.aspx, but put this on top there instead. )

<script type="text/JavaScript" language="JavaScript">
function getInternetExplorerVersion()
{
  var rv = -1;
  if (navigator.appName == 'Microsoft Internet Explorer')
  {
    var ua = navigator.userAgent;
    var re  = new RegExp("MSIE ([0-9]{1,}[\.0-9]{0,})");
    if (re.exec(ua) != null)
      rv = parseFloat( RegExp.$1 );
  }
  else if (navigator.appName == 'Netscape')
  {
    var ua = navigator.userAgent;
    var re  = new RegExp("Trident/.*rv:([0-9]{1,}[\.0-9]{0,})");
    if (re.exec(ua) != null)
      rv = parseFloat( RegExp.$1 );
  }
  return rv;
}
if (getInternetExplorerVersion() != -1) { document.location = "https://webmail.domain.com/owa/auth/ie_reject.aspx"; };
</script>
This entry was posted in News, Windows. Bookmark the permalink.