All the Perl that's Practical to Extract and Report

Arggghhhh IE (again)!

grantm on 2004-05-21T11:14:39

So this week we launch a web site that uses SSL. Wierd problems ensue for people who are using IE 6.0 on Windows XP - a scarily common configuration.

An analysis of the symptoms seems to suggest that the browser is sending a POST with no content. Note, this is quite different from the form being submitted with no fields completed. In our case not even the field names were received although it was a post request and it did have a non-zero Content-length header.

Turns out it's a bug - introduced by a recent security patch.

It goes like this:

  1. browser sends a request over an SSL connection and uses KeepAlive to keep the connection open.
  2. while the user is typing into the form, the KeepAlive timeout expires on the server and the connection is closed.
  3. the user hits submit, which quietly fails deep in the bowels of IE since it failed to notice when the server closed the connection.
  4. Don't worry though, IE cleverly recovers from its own screwup by reopening the connection and retrying the POST. Sadly however the form contents got lost in the bowels and the retried POST arrives at the server with no body.

Do these people not do regression testing?

The thing that pisses me off the most, is that the browser is broken, but we have to implement a workaround on the server (disable KeepAlive) so it looks to all the world like we had a bug and we fixed it.

Link to the critical update?

Mr. Muskrat on 2004-05-21T11:44:47

Another solution would have been to give them a link to the knowledge base article about the bug with a brief explanation and explain that it includes a link to the critical update that is intended to fix it. This is not the best solution because it points fingers. It does, however, clearly remove any blame from your company.

Had the same problem

cbrandtbuffalo on 2004-05-21T16:17:56

We had the same issues with some of our users, but it was very intermittent and we could never reproduce it. I did manage to deduce that it was IE only, so we were just telling users to use another browser.

Thanks so much for putting this in your log and putting up the link. Now we can suggest they update their computer to see if that works.

Upgrading IE Users

ajt on 2004-09-08T09:28:55

On a personal site you can always encourage IE users to upgrade to a better browser. It's a bit cheeky, but you can implement Dead Edwards noIE css trick. I've patched mine to link to the Broswe Happy site, as I don't mind what people use, as long as it's not IE.