|
| Problem | Internet Explorer (IE) 6 clients communicating over secure socket layers (SSL) transport have observed "HTTP 500 internal server error" messages returned to the browser after installing the Microsoft security update 832894 (MS04-004) or the 821814 Hotfix on the client machine. | | Cause | Internal or external clients using the Microsoft IE 6 browser to connect to a Web server with SSL, might occasionally receive the "HTTP 500 internal server error" after installing Microsoft security update 832894 (MS04-004) or the 821814 Hotfix. Usually, this message occurs after form data is filled in and submitted for processing.
Analysis
Analysis of several plugin traces have shown the following pattern:
TRACE: lib_htrequest: htrequestWrite: Writing the request: TRACE: POST /MyApp/MyServlet HTTP/1.1 TRACE: accept: image/gif, image/x-xbitmap, image/jpeg, */* TRACE: referer:https: //www.mycompany.com/MyApp/MyPreviousServlet TRACE: accept-language: en-us TRACE: content-type: application/x-www-form-urlencoded TRACE: accept-encoding: gzip, deflate TRACE: user-agent: Mozilla/4.0 (MSIE 6.0; Windows 98; .NET CLR 1.1.4322) TRACE: host: www.mycompany.com TRACE: connection: Keep-Alive TRACE: cache-control: no-cache TRACE: cookie: JSESSIONID=0001XDC3RO2Y2WZ1OCZOTYX1NOZ:v32r1ral TRACE: content-length: 0 TRACE: $WSCS: RC4-128 TRACE: $WSIS: true TRACE: $WSSC: https TRACE: $WSPR: HTTP/1.1 TRACE: $WSRA: 10.10.10.2 TRACE: $WSRH: 10.10.10.2 TRACE: $WSSN: www.mycompany.com TRACE: $WSSP: 443 TRACE: $WSSI: S0cfsXtuwnRx01sgrt= TRACE: ws_common: websphereExecute: Wrote the request; reading the response
The WebSphere plug-in received data from the client, communicating over SSL. The request has the Content-Length set to zero (or the HTTPS POST requests did not have a body), and the HTTP header is being set by the client to the IE 6 browser.
The client browser is responsible for sending correct and complete data to the Web server, which does not happen in this case. A TCP/IP trace confirmed the analysis from the plug-in trace. | | Solution | Microsoft Knowledge Base Article - 831167 describes the following:
Programs that use Wininet functions to post data, such as a user name or password, to a Web server retry the POST request with a blank header if the Web server closes or resets the initial connection request.
This behavior can be caused by Microsoft 832894 security update or by the Microsoft 821814 Hotfix.
Microsoft Knowledge Base Article - 831167 also states that the solution for this problem is to install the KB831167 fix.
This Microsoft IE 6 patch must be installed on Windows® client machines using IE 6 browsers. | |
| | |
| |
|
Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Plug-in Operating system(s): AIX, HPUX, Linux, Multi-Platform, Solaris, Windows Software version: 3.5, 4.0, 4.1, 5.0, 5.1 Software edition: Edition Independent Reference #: 1165399 IBM Group: Software Group Modified date: 2004-04-06
(C) Copyright IBM Corporation 2000, 2004. All Rights Reserved.
|