Problems related to Cookie writing failure of ASP. Net websites caused by IE10 and IE11 User-Agent

Source: Internet
Author: User

  

Have you ever run well in IE 6, 7, 8, and 9 when using a website or management system that involves Cookie operations, but when it comes to IE10, 11, these high-version browsers won't work? Okay, this problem code farmer encountered twice in two consecutive days. Let's take a look at the cause and effect of this problem.

First, let's talk about these two application scenarios. One is to store cookies on a page, and then record related data into the database. However, after being published to the production environment, the warehouse receiving operation does not occur; later, the problem was found here by printing logs:

if (Request.Browser.Cookies)

That is to say, if the client is IE10, False is returned here! Which of the following is not supported in the default configuration? You can play with me at Microsoft.

The second test was an upgrade test in a city. In the IE10 environment, self-service website login failed. This problem is strange because IE10 has been used normally in many cities. This greatly aroused the interests of the coders and led to this article.

After the scenario is described, we will analyze it. Although intuition tells the coders that there may be a problem with reading or writing cookies, intuition is unreliable. We still need to talk about facts and evidence. In international practice, capture an HTTP packet first:

It is the HTTP Response Header returned by the server when the server fails to log on to IE10. It is the HTTP Response Header returned by the server when other browsers log on normally. Note the red box section;

The direct cause of the problem is clear: when the server responds to the request, there is no returned Set-Cookie header. Without this header, the client browser cannot write the Cookie. Therefore, self-service websites based on Form authentication (encrypted tickets are stored in cookies) cannot log on.

At this time, you may find it strange. Why is this only true for IE10 and IE11? Are Other IE browsers running properly? Well, to satisfy your curiosity, we will continue our analysis.

If the. NET FrameWork is installed on your machine, open the directory C: \ Windows \ Microsoft. NET \ Framework \ v4.0.30319 \ Config \ Browsers. In popular science, the. browser file in the folder is globally accessed, used to identify the requesting browser and identify the features of these browsers. If you want to customize the modification (for example, for a specific mobile device), you only need to copy the corresponding. browser file to the \ App_Browsers folder of the application. Use NotePad to open the ie. browser file,

Pay attention to the regular expression marked with red in the figure. Then let's take a look at the User-Agent of IE10 published by Microsoft:Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)The MSIE version number is changed from the previous one-digit number (5-9) to the current two-digit number (10). Obviously, it cannot match the regular expression above. Therefore, ASP. NET regards it as an unknown browser, and thinks it does not support cookies, resulting in a series of Cookie-related problems.

The root cause of the problem is to know. How can this problem be solved?

In fact, this problem has been officially confirmed by Microsoft. It is an IE10 Bug, but it can also be considered as an ASP. NET 2.0, 3.5, 4.0, because these versions cannot identify IE10 User-Agent. Microsoft released HOTFIX to fix this problem:

  • KB2600088: Hotfix is applicable to ASP. NET in Microsoft. NET Framework 4.0.
  • KB2608565: Hotfix is applicable to ASP. NET in. NET Framework 3.5.1.
  • KB2600100: Hotfix is applicable to ASP. NET Framework 3.5 SP1 and. NET Framework 2.0 SP2.

Many of the Windows servers of the coders will automatically update and install the patches. Therefore, other cities in scenario 2 are used normally because these servers have been patched, some servers that are newly mounted or reinstalled to the system or automatically update servers that are not set up are likely to encounter such problems...
If you do not have operation permissions on the server or do not want to install patches, for example, you can add a browser definition file in the root directory of the website. The steps are as follows:

1. Add a "App_Browsers" folder;

2. Add a file with the suffix "*. browser", such as IE10.browser;

3. Add the following content to the file (the following configuration indicates that Cookies are supported for all devices and browsers ):

<browsers>       <browser refID="Default">            <capabilities><!-- To avoid wrong detections of e.g. IE10 -->               <capability name="cookies" value="true" />               <capability name="ecmascriptversion" value="3.0" />            </capabilities>        </browser>   </browsers>  

This is a configuration for a site. If you do not want to install patches or make global configuration for all the sites on the server, what should you do? It is very easy. In fact, the above is clearly stated. The problem lies in ie. browser file configuration, so we only need to add this string "\ d {2,} $" on the basis of the original, so that ASP. NET can recognize IE10 User-Agent. The modified configuration is as follows:

<capability name="majorversion" match="^[6-9]|\d{2,}$" />

After modification, go to the command line to change the modified. the browser file is compiled into an assembly and installed in GAC. For Windows Server 2008 and Win7, run the command line C: \ Windows \ Microsoft as an administrator. NET \ Framework \ v4.0.30319 \ aspnet_regbrowsers.exe-I

 

For IE11"Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv: 11.0) like Gecko"The change is bigger, so we need to add the following string for matching:

<!-- Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko --><browser id="IE11Preview" parentID="Mozilla">    <identification>        <userAgent match="Trident/(?'layoutVersion'\d+).*rv:(?'revision'(?'major'\d+)(\.(?'minor'\d+)?))" />        <userAgent nonMatch="MSIE" />    </identification>    <capabilities>        <capability name="browser"              value="IE" />        <capability name="layoutEngine"         value="Trident" />        <capability name="layoutEngineVersion"  value="${layoutVersion}" />        <capability name="isColor"              value="true" />        <capability name="screenBitDepth"       value="8" />        <capability name="ecmascriptversion"    value="3.0" />        <capability name="jscriptversion"       value="6.0" />        <capability name="javascript"           value="true" />        <capability name="javascriptversion"    value="1.5" />        <capability name="w3cdomversion"        value="1.0" />        <capability name="ExchangeOmaSupported" value="true" />        <capability name="activexcontrols"      value="true" />        <capability name="backgroundsounds"     value="true" />        <capability name="cookies"              value="true" />        <capability name="frames"               value="true" />        <capability name="javaapplets"          value="true" />        <capability name="supportsCallback"     value="true" />        <capability name="supportsFileUpload"   value="true" />        <capability name="supportsMultilineTextBoxDisplay" value="true" />        <capability name="supportsMaintainScrollPositionOnPostback" value="true" />         <capability name="supportsVCard"        value="true" />        <capability name="supportsXmlHttp"      value="true" />        <capability name="tables"               value="true" />        <capability name="supportsAccessKeyAttribute"    value="true" />        <capability name="tagwriter"            value="System.Web.UI.HtmlTextWriter" />        <capability name="vbscript"             value="true" />        <capability name="revmajor"             value="${major}" />        <capability name="revminor"             value="${minor}" />    </capabilities></browser>

Three axes!

Happiness comes so suddenly ~~~

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.