IE Content-Length 0: IIS Security Config Causes Post Data Failure

IE Content-Length 0: IIS Security Config Causes Post Data Failure

am 28.03.2007 02:11:05 von Skorccio

A particular scenario of IIS security settings causes a problem with IE
browsers (v6 & v7) whereby no post data is sent to the server and the http
header content-length is set to 0.

To reproduce this behaviour, follow the steps below:

1) Create a web application with a default.aspx page containing a button
such as,

2) Add the following code in the page_load event handler,
if (this.IsPostBack)
Response.Write("IsPostBack = true");
else
Response.Write("IsPostBack = false");
3) Set the home directory of the root website in iis6.0 to point to the
above web application.
4) Set the root website (i.e. localhost) to iis integrated windows
authentication.
5) Create a virtual directory below this (i.e. localhost/subdomain1) with
the home directory pointing to the same folder as the root.
6) Set the virutal directory (i.e. subdomain1) to iis anonymous access.
7) Create another virtual directory below the root (i.e.
localhost/subdomain2) with the home directory pointing to the same folder as
the root.
8) Set the virutal directory (i.e. subdomain2) to iis integrated windows
authentication. (we now have 3 identical web applications with one sub domain
configured to anonymous access whilst the other two set to windows integrated
authentication)
9) Open up IE v6 or v7.
10) Request the root website (i.e. localhost)
11) Submit form
12) Observe response value 'true'.
13) Request the virtual direcotry (i.e. localhost/subdomain1)
14) Submit form
15) Observe response value 'true'.
16) Request the virtual direcotry (i.e. localhost/subdomain2)
17) Submit form
18) Observe response value 'false'.
19) Repeat steps 9-17 with Firefox v2.

Conclusion

Content-length set to 0 by IE, no post data sent
This behaviour can not be reproduced in Firefox v2.

Any ideas why this ocurrs in IE?

Re: IE Content-Length 0: IIS Security Config Causes Post Data Failure

am 28.03.2007 02:54:39 von David Wang

This well known.
http://support.microsoft.com/?id=251404

Here is an explanation:
http://blogs.msdn.com/david.wang/archive/2005/12/01/HTTP-POS T-Fails-for-Anonymous-Authentication.aspx

For the same reason that you complain about IE POSTing zero bytes, you
can complain that FireFox wastes bandwidth on authenticated requests
since the having/lacking the optimization causes both behaviors. It's
just that people tend to notice the IE behavior when doing custom
authentication (which while popular is often non-kosher).


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//




On Mar 27, 5:11 pm, Skorccio
wrote:
> A particular scenario of IIS security settings causes a problem with IE
> browsers (v6 & v7) whereby no post data is sent to the server and the http
> header content-length is set to 0.
>
> To reproduce this behaviour, follow the steps below:
>
> 1) Create a web application with a default.aspx page containing a button
> such as,
>
> 2) Add the following code in the page_load event handler,
> if (this.IsPostBack)
> Response.Write("IsPostBack = true");
> else
> Response.Write("IsPostBack = false");
> 3) Set the home directory of the root website in iis6.0 to point to the
> above web application.
> 4) Set the root website (i.e. localhost) to iis integrated windows
> authentication.
> 5) Create a virtual directory below this (i.e. localhost/subdomain1) with
> the home directory pointing to the same folder as the root.
> 6) Set the virutal directory (i.e. subdomain1) to iis anonymous access.
> 7) Create another virtual directory below the root (i.e.
> localhost/subdomain2) with the home directory pointing to the same folder as
> the root.
> 8) Set the virutal directory (i.e. subdomain2) to iis integrated windows
> authentication. (we now have 3 identical web applications with one sub domain
> configured to anonymous access whilst the other two set to windows integrated
> authentication)
> 9) Open up IE v6 or v7.
> 10) Request the root website (i.e. localhost)
> 11) Submit form
> 12) Observe response value 'true'.
> 13) Request the virtual direcotry (i.e. localhost/subdomain1)
> 14) Submit form
> 15) Observe response value 'true'.
> 16) Request the virtual direcotry (i.e. localhost/subdomain2)
> 17) Submit form
> 18) Observe response value 'false'.
> 19) Repeat steps 9-17 with Firefox v2.
>
> Conclusion
>
> Content-length set to 0 by IE, no post data sent
> This behaviour can not be reproduced in Firefox v2.
>
> Any ideas why this ocurrs in IE?