[ic] Internet Explorer problem

Dan Browning interchange-users@interchange.redhat.com
Wed Jan 16 15:15:01 2002 

> Kaare Rasmussen wrote:
> > 
> > I'm asking this because I'm not sure where the problem really is.
> > 
> > One customer was kind enough to write an email that he 
> could not check out
> > his order.
> > I've heard this before, but I can't recreate the problem 
> myself with the
> > browsers that I have access to. The problem is that the 
> customer fills out
> > the form, but whatever he does, it will not accept the 
> order, it will just
> > return to the check out page with no error message.
> > 
> > The customer uses MS Explorer ver. 5.00.2920.000. I've 
> tried with another
> > brand of IE 5.0, but without the problem.
> > 
> > Clue: When entering the index page, he was greeted with an 
> authorization
> > error, he says. I'm not sure this can be true; Why should 
> it do any SSL
> > activity, I don't know. Also, the page would be totally 
> tilted if it was
> > displayed (there is SSL on the Apache web server).
> > 
> > Another clue, maybe: When moving the mouse over the Order 
> button, he sees an
> > error message in the statusline in the browser: 'javascript: void 0
> > 
> > I can't see any entries in error.log at the time he tried 
> to enter an order.
> > 
> > I'm using Interchange 4.8.2, foundation layout.
> > 
> > Any hints to what can be done?
> 
> Did you look into the apache log? Did you have an extra 
> apache log file
> for any error messages?
> In my case, I did have the same trouble some time ago and the 
> cause was
> a bug in IE Version 5.0 with SSL!
> Did you use IE 5.0 with 128Bit SSL with success? Has your 
> customer an IE
> 5.0 with 56 Bit SSL?
> 
> Joachim

In addition to Jaachim's hints, you can turn on IE's JavaScript debugger
(which a random percentage of clients will have on) to fix any JS that
IE doesn't like on your page:

Advanced->Browsing->"Disable Script Debugging" (may be different for
versions of IE).  

Also, I've found that different IE versions have different success rates
with Apache/OpenSSL, especially .0 versions with no patches, and 40-bit
security.  While they are caused by bugs on MS's part, it would be nice
if Apache/OpenSSL handled them better (and it seems to get better with
every release).  I recommend OpenSSL 0.9.6c.  

In any case, these seem to help:

BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

HAND,

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Dan Browning, Sr. Tech Consultant
| Kavod Technologies, 1498 SE Tech Center Pl Ste 170
| Vancouver, WA 98683  <dan.browning@kavod.com>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
After I run your program, let's make love like crazed weasels, OK?