Problem with authentication sessions
Hello to all,
Please give me just a couple of minutes of your time and you can go about your business further.
If you use the Mozilla Firefox browser (without using a proxy), click the link , clear the authentication sessions (to do this, press Ctrl + Shift + Del , check the box next to Authentication Session and click Delete Now ), open a new tab in the browser and Try to access this link again. The second time this link will not open.
')
PS Already zaminusovali. Oh, thanks.
Get down to business, I have a problem with the client. The client represents a network of large online stores and wants us to fix it. Our company is engaged in content optimization and in this case the problem is connected with a robot on the IIS server that generates dynamic JavaScript. In particular, the problem occurs when accessing this script via the https protocol after clearing authentication sessions.
The client’s server has Apache, this version of which is insensitive to such excesses. It turns out that when cleaning up authentication sessions and viewing the page via SSL, only dynamically generated JavaScript from our server is not loaded.
Using SSL-log, the interaction between Microsoft IIS and Mozilla Firefox is performed in the following steps:
I open javascript on https ...
Data uploaded successfully. Here I clear the authentication session. Repeated access to the server ...
Socket closure occurs.
Detailed SSL log can be found here .
If someone has guesses, assumptions, or someone knows what this may be connected with, I will be very happy for your comments.
I already wrote about this on the Mozilla forums , but there is still no answer.
The client doesn’t care that the average user doesn’t think to clean the session or other user data. He is no longer satisfied with us and we did not want to disappoint him even more.
Please give me just a couple of minutes of your time and you can go about your business further.
If you use the Mozilla Firefox browser (without using a proxy), click the link , clear the authentication sessions (to do this, press Ctrl + Shift + Del , check the box next to Authentication Session and click Delete Now ), open a new tab in the browser and Try to access this link again. The second time this link will not open.
')
PS Already zaminusovali. Oh, thanks.
Get down to business, I have a problem with the client. The client represents a network of large online stores and wants us to fix it. Our company is engaged in content optimization and in this case the problem is connected with a robot on the IIS server that generates dynamic JavaScript. In particular, the problem occurs when accessing this script via the https protocol after clearing authentication sessions.
The client’s server has Apache, this version of which is insensitive to such excesses. It turns out that when cleaning up authentication sessions and viewing the page via SSL, only dynamically generated JavaScript from our server is not loaded.
Using SSL-log, the interaction between Microsoft IIS and Mozilla Firefox is performed in the following steps:
I open javascript on https ...
• Customer request
- setting https connection
- sending supported encryption types to server
• Server response
- sending connection and certificate parameters to client
• Customer request
- transfer of the encrypted key to the server
- use encryption options
• Server response
- use encryption options
• Customer request
- sending an encrypted message
• Server response
- sending an encrypted message
Data uploaded successfully. Here I clear the authentication session. Repeated access to the server ...
• Customer request
- alert type message, which means closing the connection
Socket closure occurs.
Detailed SSL log can be found here .
If someone has guesses, assumptions, or someone knows what this may be connected with, I will be very happy for your comments.
I already wrote about this on the Mozilla forums , but there is still no answer.
The client doesn’t care that the average user doesn’t think to clean the session or other user data. He is no longer satisfied with us and we did not want to disappoint him even more.
Source: https://habr.com/ru/post/24582/
All Articles