I have an ASP.NET application that stores files as BLOBS into a database
server for later retrieval. About two weeks ago we started experiencing
problems in IE when it stopped parsing the Content-Type HTTP headers we were
sending from ASP.NET. Any help very much appreciated!
SYMPTOMS:
1) When downloading a static files such as PDISCert.cer (headers shown
below), IE correctly recognizes the file as a "Security Certificate" as per
the IIS MIME mapping I have set in the IIS metabase for *.cer files: *.cer
=> application/x-x509-ca-cert.
2) When downloading a dynamic file such as PDISCert.aspx that outputs the
bytes from PDISCert.cer file (headers shown below), IE FAILS to correctly
recognize the file as a "Security Certificate" as per the Content-Type HTTP
header that is sent to the browser "Content-Type:
application/x-x509-ca-cert."
3) Problem just showed up two weeks ago with a year and a half of successful
operation.
4) Problem appears in all tested versions of IE from on-campus and
off-campus environments.
5) Problem appears in IE but not in Netscape/Modzilla/Opera.
6) Problem appears for multiple MIME types.
6.a) Problem appears for "Content-Type: application/x-x509-ca-cert".
6.b) Problem appears for "Content-Type: application/pdf".
6.c) Problem appears for "Content-Type: image/jpg".
7) IE seems to ignore "content-disposition: inline; filename=PDISCert.cer"
too.
=====================================================
FAILS -- When downloading a dynamic file such as PDISCert.aspx that
outputs the bytes from PDISCert.cer(headers shown below), IE FAILS to
correctly recognize the file as a "Security Certificate" as per the
Content-Type
HTTP header that is sent to the browser
"Content-Type: application/x-x509-ca-cert."
=====================================================
REQUEST
----------------------------------------------------------
HEAD /Authentication/Cert2.aspx HTTP/1.0
Host:
www.pdis.org
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
1.1.4322)
RESPONSE
----------------------------------------------------------
HTTP/1.1·200·OK(CR)(LF)
Connection:·close(CR)(LF)
Date:·Mon,·15·Mar·2004·20:09:16·GMT(CR)(LF)
Server:·Microsoft-IIS/6.0(CR)(LF)
X-AspNet-Version:·1.1.4322(CR)(LF)
content-disposition:·inline;·filename=PDISCert.cer(CR)(LF)
Set-Cookie:·ASP.NET_SessionId=rknbgprxg2hijd55ulcavp45;·path=/(CR)(LF)
Cache-Control:·private(CR)(LF)
Content-Type:·application/x-x509-ca-cert(CR)(LF)
Content-Length:·1377(CR)(LF)(CR)(LF)
=====================================================
WORKS -- When downloading a static files such as PDISCert.cer (headers
shown below), IE correctly recognises the file as a "Security Certificate"
as
per the IIS MIME mapping I have set in the IIS metabase:
*.cer => application/x-x509-ca-cert.
=====================================================
REQUEST
----------------------------------------------------------
HEAD /Authentication/PDISCert.cer HTTP/1.0
Host:
www.pdis.org
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
1.1.4322)
RESPONSE
----------------------------------------------------------
HTTP/1.1·200·OK(CR)(LF)
Content-Length:·1377(CR)(LF)
Content-Type:·application/x-x509-ca-cert(CR)(LF)
Last-Modified:·Thu,·15·May·2003·03:48:23·GMT(CR)(LF)
Accept-Ranges:·bytes(CR)(LF)
ETag:·"f2c52fd5941ac31:e6a"(CR)(LF)
Server:·Microsoft-IIS/6.0(CR)(LF)
Date:·Mon,·15·Mar·2004·20:59:57·GMT(CR)(LF)
Connection:·close(CR)(LF)(CR)(LF)
ASP.NET C# Code used to produce error condition.
============================================
<script runat=server>
protected override void OnLoad(System.EventArgs e)
{
Response.BufferOutput = true;
Response.Clear();
//application/pkix-cert (usually accepted by Internet Explorer)
//application/x-x509-ca-cert (usually accepted by Netscape)
System.IO.FileStream objFileStream =
System.IO.File.OpenRead(this.MapPath(@"PDISCert.cer"));
byte[] objByteArray = new byte[(int)objFileStream.Length];
objFileStream.Read(objByteArray, 0, (int)objFileStream.Length);
objFileStream.Close();
Response.ContentType="application/x-x509-ca-cert";
Response.AddHeader( "content-disposition","inline; filename=PDISCert.cer");
Response.BinaryWrite(objByteArray);
Response.End();
}
</script>
Will Baldwin wbaldwin DeleteThis @n05p4m.ksu.edu
Associate Director for Information Technology
Great Plains Diagnostic Network
Kansas State Research and Extension
"Knowledge for Life"
FAQ
Profile
Private Messages
Log in
