On Apr 13, 2004, at 2:19 PM, Tomasz Kosiak wrote:
I would certainly opt for having this. But as far as I remember from
disscussion with Piotr Szuca that may be difficult to add to AOLserver
due to current keepalive implementation.
It would probably be difficult to implement for nsopenssl and AOLse
Użytkownik Scott Goodwin napisał:
Surfer hits page, surfer fills in form info, keepalive idles at 30
seconds, IE believes the session is still there, surfer hits submit,
invalid ssl session, blank page, surfer needs to refresh to see page,
all post info lost.
[...]
Is there interest out there fo
Surfer hits page, surfer fills in form info, keepalive idles at 30
seconds, IE believes the session is still there, surfer hits submit,
invalid ssl session, blank page, surfer needs to refresh to see page,
all post info lost.
Yes, this is the behavior IE exhibits with SSL when keepalive is used.
Wh
for apache, we've never run keepalives and SSL due to problems.
The theory was:
Surfer hits page, surfer fills in form info, keepalive idles at 30
seconds, IE believes the session is still there, surfer hits submit,
invalid ssl session, blank page, surfer needs to refresh to see page,
all post in
I've seen something a similar fix for the APACHE server.
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
One thing I also tried was using only SSLv2 which seemed to
work (although I'm not sure given inte
This is occurring on Apache as well.
On Tue, 13 Apr 2004 08:55:00 -0400, Greg McGuire <[EMAIL PROTECTED]> wrote:
>I can certainly corroborate this; much of our customer service is done
>using SSL, and they use IE6 (mostly). In the past month I've gotten
>many complaints about this. Finding noth
On Tue, 2004-04-13 at 06:44, Ron Emerick wrote:
> The problem now is that I dealing with external users so I can't apply the
> patch to their system.
The MS document which provides the fix indicates (under Workaround) that
lengthening the keep-alive timeout, or doing away with keep-alive may
solv
You might try registering a proc for POST that checks the
content-length. If content-length is 0 or it doesn't match the size of
the content itself, you could generate an error page that pointed the
user off to the patch and that describes the issue. You could also give
them the option to re-POST t
Hi there,
yes, I have earlier reported this behaviour and I got lots of help from both
Scott Goodwin and Piotr Szuca. However, I never found a working solution.
You find some of the earlier posting around March and April 2003 and then up
to January 2004.
-- Niels
--
AOLserver - http://www.aolse
Thanks. I applied that update and based on preliminary testing seemed
to resolve the problem.
The problem now is that I dealing with external users so I can't apply the
patch to their system.
So I'm looking for ways to handle. I was wondering if there is an http
status code so that the browser wo
Here's the pertinent text from Microsoft:
http://www.microsoft.com/technet/security/bulletin/MS04-004.mspx
Why am I getting errors when attempting to access certain SSL protected
Web Sites?
After installing the Internet Explorer 6.0 SP1 version of this update,
there may be intermittent failures o
I can certainly corroborate this; much of our customer service is done
using SSL, and they use IE6 (mostly). In the past month I've gotten
many complaints about this. Finding nothing amiss with AOLserver, I
could only suggest that they switch to Mozilla. Is this an AOLserver /
IE6 interaction, o
We are noticing that maybe 1 out of
20 HTTPS requests from our clients using MSIE 6.0 are failing.
Further digging seems to suggest that the data that should be POSTed
with the request isn't (i.e. content-length: 0).
It seems that this is related to a MSIE Explorer patch Q832894.
Thanks,
R
13 matches
Mail list logo