Text View Html View

---

Wininet retries POST requests with a blank header View products that this article applies to. Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 Description of the Microsoft Windows Registry SYMPTOMS Programs that use Wininet functions to post data (such as a user name or a password) to a Web server retry the POST request with a blank header if the Web server closes (or resets) the initial connection request. Note A POST request has a blank header if its content length is set to 0 or is empty. Sometimes, this behavior prevents another reset from occurring and permits authentication to complete. However, you may receive an HTTP 500 (Internal server error) Web page if the Web server must have the POST data included when Wininet retries the POST request. For example, when you submit your user name and password to an SSL-secured Web site by using a form on a HTTPS Web page, Microsoft Internet Explorer may not resend this information to the Web server if the initial connection is closed (or reset). CAUSE This problem occurs after you apply the 832894 security update (MS04-004) or the 821814 hotfix. For additional information about these software updates, click the following article number to view the article in the Microsoft Knowledge Base: 832894 MS04-004: Cumulative security update for Internet Explorer 821814 You receive a "page cannot be displayed" error message when you post to a site that requires authentication The 832894 security update (MS04-004) and the 821814 hotfix change how Wininet.dll retries POST requests with a blank header when a Web server resets the connection. RESOLUTION Update information The following files are available for download from the Microsoft Download Center: Download the Q831167.exe (32-bit) package now. Download the Q831167.exe (64-bit) package now. Release Date: February 12, 2004 For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: 119591 How to Obtain Microsoft Support Files from Online Services Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. Prerequisites To install this update, you must be running Internet Explorer 6 SP1 (version 6.00.2800.1106) on one of the following versions of Windows: * Microsoft Windows XP Service Pack 1 * Microsoft Windows XP 64-Bit Edition, Service Pack 1 * Microsoft Windows XP * Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4 * Microsoft Windows NT Workstation, Server, and Terminal Server Edition 4.0 Service Pack 6a * Microsoft Windows 98 * Microsoft Windows 98 SE * Microsoft Windows Millennium Edition Restart requirement You must restart your computer after you apply this update. Update replacement information This update replaces 821814. File information The English version of this update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. Date Time Version Size File name Platform ------------------------------------------------------------------- 06-Feb-2004 18:05 6.0.2800.1405 588,288 Wininet.dll 07-Feb-2004 01:41 6.0.2800.1405 1,796,608 Wininet.dll IA-64 WORKAROUND If you cannot apply the update that is discussed in the Resolution section, you can use one of the following server-side actions to work around the problem: * Increase the HTTP keep-alive timeout interval on the Web server or the proxy server. There is no setting in Microsoft Internet Information Services (IIS) to control the keep-alive timeout other than the Windows registry KeepAliveTime value. However, some Web servers and some proxy servers could allow you to specify a connection expiration time. If the Web server or the proxy server allows you to change this value, increase the keep-alive timeout interval. See your Web server documentation for the correct setting name and value. For additional information about the Windows KeepAliveInterval and the Windows KeepAliveTime parameters, click the following article numbers to view the articles in the Microsoft Knowledge Base: 314053 TCP/IP and NBT Configuration Parameters for Windows XP 120642 TCP/IP and NBT Configuration Parameters for Windows 2000 or Windows NT * Disable the HTTP "keep alive connections" on the server. For additional information, click the following article number to view the article in the Microsoft Knowledge Base: 238210 HTTP Keep-Alive Header Sent Whenever ASP Buffering is Enabled STATUS Microsoft has confirmed that this is a problem in Microsoft Internet Explorer 6. MORE INFORMATION Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. After you apply the 831167 software update that is described in this article, programs that use Wininet functions to post data to a Web server will resend complete POST requests when a connection with a Web server is reset. To enable header-only post behavior, create a DWORD value named SampleApp.exe, where SampleApp is the name of the executable file that runs the program. Set the DWORD value's value data to 1 in one of the following registry keys: * For all users of the program, set the value in the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\Retry_HeaderOnlyPOST_OnConnectionReset * For the current user of the program only, set the value in the following registry key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\Retry_HeaderOnlyPOST_OnConnectionReset For example, to enable header-only post behavior in Internet Explorer and Windows Explorer, create DWORD values for iexplore.exe and explore.exe in one of these registry keys, and set their value data to 1. Note To enable header-only post behavior for all programs that use Wininet functions to post data to a Web server, create a DWORD value named * to the same registry key, and set the value's value data to 1. The information in this article applies to: * Microsoft Internet Explorer 6.0