[ic] Norton BHO causing session loss
paul at gishnetwork.com
Thu Mar 3 19:52:50 UTC 2011
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
NotRobotUA includes MSIE
I am seeing people getting a new session ID when travelling to an SSL
encrypted page. I believe this is a new phenomenon because this site has
been working fine for 5+ years. I just so happened to have access to a PC
displaying the symptom and have narrowed it down to (at least on this
computer) Norton Intrusion Protection, which is a browser Add-on. If I
disable it, all works fine.
I placed a [data session spider] on the page and do not see IC recognizing
it as a spider.
So far I only have knowledge of this issue affecting IE7 and IE8, and I only
know that the above work around works on IE8, if they have the Norton BHO.
Interestingly, I am using IE9 and happen to have the Norton BHO as well, and
I personally *do not* lose my session when travelling to a SSL encrypted
I am still gathering observations, but thought I'd cast this out there early
to see what I catch.
Thanks in advance for any ideas.
More information about the interchange-users