M
msnews.microsoft.com
I have an ASP.NET application that stores files as BLOBS into a database
server for later retrieval. About two weeks ago we started experiencing
problems in IE when it stopped parsing the Content-Type HTTP headers we were
sending from ASP.NET. Any help very much appreciated!
SYMPTOMS:
1) When downloading a static files such as PDISCert.cer (headers shown
below), IE correctly recognizes the file as a "Security Certificate" as per
the IIS MIME mapping I have set in the IIS metabase for *.cer files: *.cer
=> application/x-x509-ca-cert.
2) When downloading a dynamic file such as PDISCert.aspx that outputs the
bytes from PDISCert.cer file (headers shown below), IE FAILS to correctly
recognize the file as a "Security Certificate" as per the Content-Type HTTP
header that is sent to the browser "Content-Type:
application/x-x509-ca-cert."
3) Problem just showed up two weeks ago with a year and a half of successful
operation.
4) Problem appears in all tested versions of IE from on-campus and
off-campus environments.
5) Problem appears in IE but not in Netscape/Modzilla/Opera.
6) Problem appears for multiple MIME types.
6.a) Problem appears for "Content-Type: application/x-x509-ca-cert".
6.b) Problem appears for "Content-Type: application/pdf".
6.c) Problem appears for "Content-Type: image/jpg".
7) IE seems to ignore "content-disposition: inline; filename=PDISCert.cer"
too.
=====================================================
FAILS -- When downloading a dynamic file such as PDISCert.aspx that
outputs the bytes from PDISCert.cer(headers shown below), IE FAILS to
correctly recognize the file as a "Security Certificate" as per the
Content-Type
HTTP header that is sent to the browser
"Content-Type: application/x-x509-ca-cert."
=====================================================
REQUEST
----------------------------------------------------------
HEAD /Authentication/Cert2.aspx HTTP/1.0
Host: www.pdis.org
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
1.1.4322)
RESPONSE
----------------------------------------------------------
HTTP/1.1·200·OK(CR)(LF)
Connection:·close(CR)(LF)
Date:·Mon,·15·Mar·2004·20:09:16·GMT(CR)(LF)
Server:·Microsoft-IIS/6.0(CR)(LF)
X-AspNet-Version:·1.1.4322(CR)(LF)
content-disposition:·inline;·filename=PDISCert.cer(CR)(LF)
Set-Cookie:·ASP.NET_SessionId=rknbgprxg2hijd55ulcavp45;·path=/(CR)(LF)
Cache-Control:·private(CR)(LF)
Content-Type:·application/x-x509-ca-cert(CR)(LF)
Content-Length:·1377(CR)(LF)(CR)(LF)
=====================================================
WORKS -- When downloading a static files such as PDISCert.cer (headers
shown below), IE correctly recognises the file as a "Security Certificate"
as
per the IIS MIME mapping I have set in the IIS metabase:
*.cer => application/x-x509-ca-cert.
=====================================================
REQUEST
----------------------------------------------------------
HEAD /Authentication/PDISCert.cer HTTP/1.0
Host: www.pdis.org
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
1.1.4322)
RESPONSE
----------------------------------------------------------
HTTP/1.1·200·OK(CR)(LF)
Content-Length:·1377(CR)(LF)
Content-Type:·application/x-x509-ca-cert(CR)(LF)
Last-Modified:·Thu,·15·May·2003·03:48:23·GMT(CR)(LF)
Accept-Ranges:·bytes(CR)(LF)
ETag:·"f2c52fd5941ac31:e6a"(CR)(LF)
Server:·Microsoft-IIS/6.0(CR)(LF)
Date:·Mon,·15·Mar·2004·20:59:57·GMT(CR)(LF)
Connection:·close(CR)(LF)(CR)(LF)
ASP.NET C# Code used to produce error condition.
============================================
<script runat=server>
protected override void OnLoad(System.EventArgs e)
{
Response.BufferOutput = true;
Response.Clear();
//application/pkix-cert (usually accepted by Internet Explorer)
//application/x-x509-ca-cert (usually accepted by Netscape)
System.IO.FileStream objFileStream =
System.IO.File.OpenRead(this.MapPath(@"PDISCert.cer"));
byte[] objByteArray = new byte[(int)objFileStream.Length];
objFileStream.Read(objByteArray, 0, (int)objFileStream.Length);
objFileStream.Close();
Response.ContentType="application/x-x509-ca-cert";
Response.AddHeader( "content-disposition","inline; filename=PDISCert.cer");
Response.BinaryWrite(objByteArray);
Response.End();
}
</script>
Will Baldwin (e-mail address removed)
Associate Director for Information Technology
Great Plains Diagnostic Network
Kansas State Research and Extension
"Knowledge for Life"
server for later retrieval. About two weeks ago we started experiencing
problems in IE when it stopped parsing the Content-Type HTTP headers we were
sending from ASP.NET. Any help very much appreciated!
SYMPTOMS:
1) When downloading a static files such as PDISCert.cer (headers shown
below), IE correctly recognizes the file as a "Security Certificate" as per
the IIS MIME mapping I have set in the IIS metabase for *.cer files: *.cer
=> application/x-x509-ca-cert.
2) When downloading a dynamic file such as PDISCert.aspx that outputs the
bytes from PDISCert.cer file (headers shown below), IE FAILS to correctly
recognize the file as a "Security Certificate" as per the Content-Type HTTP
header that is sent to the browser "Content-Type:
application/x-x509-ca-cert."
3) Problem just showed up two weeks ago with a year and a half of successful
operation.
4) Problem appears in all tested versions of IE from on-campus and
off-campus environments.
5) Problem appears in IE but not in Netscape/Modzilla/Opera.
6) Problem appears for multiple MIME types.
6.a) Problem appears for "Content-Type: application/x-x509-ca-cert".
6.b) Problem appears for "Content-Type: application/pdf".
6.c) Problem appears for "Content-Type: image/jpg".
7) IE seems to ignore "content-disposition: inline; filename=PDISCert.cer"
too.
=====================================================
FAILS -- When downloading a dynamic file such as PDISCert.aspx that
outputs the bytes from PDISCert.cer(headers shown below), IE FAILS to
correctly recognize the file as a "Security Certificate" as per the
Content-Type
HTTP header that is sent to the browser
"Content-Type: application/x-x509-ca-cert."
=====================================================
REQUEST
----------------------------------------------------------
HEAD /Authentication/Cert2.aspx HTTP/1.0
Host: www.pdis.org
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
1.1.4322)
RESPONSE
----------------------------------------------------------
HTTP/1.1·200·OK(CR)(LF)
Connection:·close(CR)(LF)
Date:·Mon,·15·Mar·2004·20:09:16·GMT(CR)(LF)
Server:·Microsoft-IIS/6.0(CR)(LF)
X-AspNet-Version:·1.1.4322(CR)(LF)
content-disposition:·inline;·filename=PDISCert.cer(CR)(LF)
Set-Cookie:·ASP.NET_SessionId=rknbgprxg2hijd55ulcavp45;·path=/(CR)(LF)
Cache-Control:·private(CR)(LF)
Content-Type:·application/x-x509-ca-cert(CR)(LF)
Content-Length:·1377(CR)(LF)(CR)(LF)
=====================================================
WORKS -- When downloading a static files such as PDISCert.cer (headers
shown below), IE correctly recognises the file as a "Security Certificate"
as
per the IIS MIME mapping I have set in the IIS metabase:
*.cer => application/x-x509-ca-cert.
=====================================================
REQUEST
----------------------------------------------------------
HEAD /Authentication/PDISCert.cer HTTP/1.0
Host: www.pdis.org
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
1.1.4322)
RESPONSE
----------------------------------------------------------
HTTP/1.1·200·OK(CR)(LF)
Content-Length:·1377(CR)(LF)
Content-Type:·application/x-x509-ca-cert(CR)(LF)
Last-Modified:·Thu,·15·May·2003·03:48:23·GMT(CR)(LF)
Accept-Ranges:·bytes(CR)(LF)
ETag:·"f2c52fd5941ac31:e6a"(CR)(LF)
Server:·Microsoft-IIS/6.0(CR)(LF)
Date:·Mon,·15·Mar·2004·20:59:57·GMT(CR)(LF)
Connection:·close(CR)(LF)(CR)(LF)
ASP.NET C# Code used to produce error condition.
============================================
<script runat=server>
protected override void OnLoad(System.EventArgs e)
{
Response.BufferOutput = true;
Response.Clear();
//application/pkix-cert (usually accepted by Internet Explorer)
//application/x-x509-ca-cert (usually accepted by Netscape)
System.IO.FileStream objFileStream =
System.IO.File.OpenRead(this.MapPath(@"PDISCert.cer"));
byte[] objByteArray = new byte[(int)objFileStream.Length];
objFileStream.Read(objByteArray, 0, (int)objFileStream.Length);
objFileStream.Close();
Response.ContentType="application/x-x509-ca-cert";
Response.AddHeader( "content-disposition","inline; filename=PDISCert.cer");
Response.BinaryWrite(objByteArray);
Response.End();
}
</script>
Will Baldwin (e-mail address removed)
Associate Director for Information Technology
Great Plains Diagnostic Network
Kansas State Research and Extension
"Knowledge for Life"
