We are able to reliably recreate the following scenario:
- Create a small HTML page that makes AJAX requests to a server (using HTTP POST)
- Disconnect from the network and reconnect
- Monitor the packets that IE generates after the failure
After a failed network connection, IE makes the next AJAX request but only sends the HTTP header (not the body) when doing the HTTP post. This causes all sorts of problems on the server as it is only a partial request. Google this issue with Bing and you'll find lots of people complaining about "random server errors" using AJAX or unexplained AJAX failures.
We know that IE (unlike most other browsers) always sends an HTTP POST as TWO TCP/IP packets. The header and body is sent separately. In the case directly after a failure, IE only sends the header .
So my question is - why does it behave this way? It seems wrong based on the HTTP spec and other browsers don't behave this way. Is it simply a bug? Surely this creates havoc in any serious AJAX based Web application.
Reference information:
There is a similar problem, triggered by HTTP keep-alive timeouts that are shorter than 1 minute and is documented here:
http://support.microsoft.com/default.aspx?kbid=831167
Here are the before and after failure packet captures:
Notice how the HTTP Header and Payload is sent http://img827.imageshack.us/i/beforee.png/
After a failure, notice how only the Header is sent. IE never sends the payload and the server eventually responds with a Timeout. http://img203.imageshack.us/i/retryt.png/
Source: Tips4all
There does not seem to be a clear answer to this question, so I will provide my empirical data as a substitute and provide some ways to work around it. Maybe some MS insider will one day shed some light on this...
ReplyDeleteIf HTTP Keep-Alive is disabled on the server, this issue goes away. In other words, your HTTP 1.1 server server will respond to every Ajax request with a Connection: Close line in the response. This keeps IE happy but causes every Ajax request to open a new connection. This can have a significant performance impact, especially on high latency networks.
The issue is triggered easily if Ajax requests are made in rapid succession. For example, we make Ajax requests every 100ms and then the network status changes, the error is easy to reproduce. Although most applications probably do not make such requests, you might well have a couple of server calls happening right after each other which could lead to this problem. Less chatty keeps IE happy.
It happens even without NTLM authentication.
It happens when your HTTP keep-alive timeout on the server is shorter than the default (which defaults to 60 seconds on Windows). Details provided in link in question.
It does not happen with Chrome or Firefox. FF sends one packet so seems to avoid this issue altogether.
It happens in IE 6, 7, 8. Could not reproduce with IE 9 beta.
The microsoft KB article titled When you use Microsoft Internet Explorer or another program to perform a re-POST operation, only the header data is posted seems to fix this problem.
ReplyDeleteThe article provides a hotfix. For later browsers such as IE8 it says the hotfix is already included but needs to be enabled through the registry settings on the client PC.
This is a longshot, but IE (and even Firefox) sometimes "remembers"
ReplyDeletethe connection it uses for an HTTP request. Notes/examples:
In Firefox, if I change the proxy settings and hit SHIFT-RELOAD on
a page, it still uses the old proxy. However, if I kill the old
proxy ("killall squid"), it starts using the new proxy.
When you disconnect/reconnect, do you receive a new IP address or
anything similar? Can you somehow monitor the old IP address to see
if IE is sending data to that now-dead address?
My guess is that IE is sending the data, just down the wrong
path. It might be smart enough to not cache network connections for
"POST" packets, but might not be smart enough to do that for POST
payloads.
This probably doesn't affect most AJAX apps, since people rarely
disconnect and re-connect to their networks?
Are you using NTLM authentication?
ReplyDeleteWhen using NTLM authentication, IE doesn't send post-data. It sends header info, expects an unauthorized response send authorization, and after the 're-authentication' sends the post.