我正在尝试发布包含隐藏字段和文件的multipart/form-data,并且传输挂起。
Web服务器:
Windows 2012服务器,运行IIS 8.0。
身份验证:启用Windows(协商和NTLM)
客户:
Windows 2008 Server/Windows 2012 Server(本地主机)
Internet Explorer 10.0.12
两者都有相同的问题
我有一个运行在Web服务器上的CGI,我检查以确保它可用并响应,然后发出一个JQuery Ajax请求以发送POST数据。使用Fiddler,我观察了Web服务器和浏览器之间的通信(如下)。它卡在最后一个请求上,它显示的Content-Length为500,但是没有数据。似乎IE正在等待发送它(?)。
在Fiddler中,您可以在发送响应之前修改数据。我试过了,它不允许编辑。似乎它仍在等待IE继续发送。我尝试关闭Windows身份验证并打开“匿名”,但我没有任何问题。此外,在第一个请求上,我无法重现该问题(它按预期工作),但在后续请求中,它是一致的。 Chrome,Firefox或IE9及更低版本没有问题。我无法确定它是浏览器还是Web服务器。
请求1个CGI检查
POST http://www.example.com/test/mycgi.exe/ABC HTTP/1.1
X-Requested-With: XMLHttpRequest
Accept: */*
Referer: http://www.example.com/test/mycgi2.exe/ABC
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
Content-Length: 0
DNT: 1
Host: www.example.com
Pragma: no-cache
HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/8.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Fri, 03 Jan 2014 20:29:28 GMT
Content-Length: 1293
Proxy-Support: Session-Based-Authentication
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
POST http://www.example.com/test/mycgi.exe/ABC HTTP/1.1
X-Requested-With: XMLHttpRequest
Accept: */*
Referer: http://www.example.com/test/mycgi2.exe/ABC
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
Content-Length: 0
DNT: 1
Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==
Pragma: no-cache
Host: www.example.com
HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
WWW-Authenticate: Negotiate TlRMTVNTUAACAAAAEgASADgAAAAVgoniOb3rEHzeNj0AAAAAAAAAAJwAnABKAAAABgLwIwAAAA9MAFIAUwBEAE8ATQBBAEkATgACABIATABSAFMARABPAE0AQQBJAE4AAQAUAFcASQBOAC0AUQBBADIAMAAxADIABAAUAGwAcgBzAGkAbgBjAC4AbwByAGcAAwAqAFcASQBOAC0AUQBBADIAMAAxADIALgBsAHIAcwBpAG4AYwAuAG8AcgBnAAUAFABsAHIAcwBpAG4AYwAuAG8AcgBnAAcACABOH1yAwgjPAQAAAAA=
Date: Fri, 03 Jan 2014 20:29:28 GMT
Content-Length: 341
Proxy-Support: Session-Based-Authentication
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Authorized</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Authorized</h2>
<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>
</BODY></HTML>
POST http://www.example.com/test/mycgi.exe/ABC HTTP/1.1
X-Requested-With: XMLHttpRequest
Accept: */*
Referer: http://www.example.com/test/mycgi2.exe/ABC
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
Content-Length: 0
DNT: 1
Host: www.example.com
Pragma: no-cache
Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJgAAABEAUQBsAAAABIAEgBYAAAAEAAQAGoAAAAeAB4AegAAABAAEAD0AQAAFYKI4gYBsR0AAAAPuaPj4eFf7hfIoOiAvf0/xWwAcgBzAGQAbwBtAGEAaQBuAGMAcgBhAHcAZgBvAHIAZABXAEkATgAtAEIARAA3ADUANgBJAFAANgA0AE8ARwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdKgld6FBtRxfUcAQJS6yPAQEAAAAAAABOH1yAwgjPAQcXz+RFuDKzAAAAAAIAEgBMAFIAUwBEAE8ATQBBAEkATgABABQAVwBJAE4ALQBRAEEAMgAwADEAMgAEABQAbAByAHMAaQBuAGMALgBvAHIAZwADACoAVwBJAE4ALQBRAEEAMgAwADEAMgAuAGwAcgBzAGkAbgBjAC4AbwByAGcABQAUAGwAcgBzAGkAbgBjAC4AbwByAGcABwAIAE4fXIDCCM8BBgAEAAIAAAAIADAAMAAAAAAAAAAAAAAAADAAAEa6q+B5Lu1yFWYA3Wkqf+iAxY/qnzwZi2pgk0t1XqKNCgAQAAAAAAAAAAAAAAAAAAAAAAAJACAASABUAFQAUAAvADEAMAAuADkANgAuADgALgAxADgANgAAAAAAAAAAAAAAAADYL8orn+roxnPVhMNa1G0w
HTTP/1.1 200 OK
Content-Type: text/html
Server: Microsoft-IIS/8.0
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Fri, 03 Jan 2014 20:29:28 GMT
Connection: close
Content-Length: 0
请求2个包含数据和文件的POST
POST http://www.example.com/test/mycgi.exe/ABC?trid=pxupld HTTP/1.1
X-Requested-With: XMLHttpRequest
Accept: */*
Content-Type: multipart/form-data; boundary=---------------------------7dd3c817903dc
Referer: http://www.example.com/test/mycgi2.exe/ABC
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Host: www.example.com
DNT: 1
Connection: Keep-Alive
Pragma: no-cache
Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==
Content-Length: 0
HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
WWW-Authenticate: Negotiate TlRMTVNTUAACAAAAEgASADgAAAAVgonioR3IHBVFoYwAAAAAAAAAAJwAnABKAAAABgLwIwAAAA9MAFIAUwBEAE8ATQBBAEkATgACABIATABSAFMARABPAE0AQQBJAE4AAQAUAFcASQBOAC0AUQBBADIAMAAxADIABAAUAGwAcgBzAGkAbgBjAC4AbwByAGcAAwAqAFcASQBOAC0AUQBBADIAMAAxADIALgBsAHIAcwBpAG4AYwAuAG8AcgBnAAUAFABsAHIAcwBpAG4AYwAuAG8AcgBnAAcACABzQ2OAwgjPAQAAAAA=
Date: Fri, 03 Jan 2014 20:29:28 GMT
Content-Length: 341
Proxy-Support: Session-Based-Authentication
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Authorized</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Authorized</h2>
<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>
</BODY></HTML>
POST http://www.example.com/test/mycgi.exe/ABC?trid=pxupld HTTP/1.1
X-Requested-With: XMLHttpRequest
Accept: */*
Content-Type: multipart/form-data; boundary=---------------------------7dd3c817903dc
Referer: http://www.example.com/test/mycgi2.exe/ABC
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Host: www.example.com
Content-Length: 500
DNT: 1
Proxy-Connection: Keep-Alive
Pragma: no-cache
Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJgAAABEAUQBsAAAABIAEgBYAAAAEAAQAGoAAAAeAB4AegAAABAAEAD0AQAAFYKI4gYBsR0AAAAPbaRPHPhdB+KO+QMFMSieX2wAcgBzAGQAbwBtAGEAaQBuAGMAcgBhAHcAZgBvAHIAZABXAEkATgAtAEIARAA3ADUANgBJAFAANgA0AE8ARwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUat4cr34A16p/u9YeXYBAAQEAAAAAAABzQ2OAwgjPAVb+mEX8/lPwAAAAAAIAEgBMAFIAUwBEAE8ATQBBAEkATgABABQAVwBJAE4ALQBRAEEAMgAwADEAMgAEABQAbAByAHMAaQBuAGMALgBvAHIAZwADACoAVwBJAE4ALQBRAEEAMgAwADEAMgAuAGwAcgBzAGkAbgBjAC4AbwByAGcABQAUAGwAcgBzAGkAbgBjAC4AbwByAGcABwAIAHNDY4DCCM8BBgAEAAIAAAAIADAAMAAAAAAAAAAAAAAAADAAAEa6q+B5Lu1yFWYA3Wkqf+iAxY/qnzwZi2pgk0t1XqKNCgAQAAAAAAAAAAAAAAAAAAAAAAAJACAASABUAFQAUAAvADEAMAAuADkANgAuADgALgAxADgANgAAAAAAAAAAAAAAAAAQcolcJBPzOWjm8V7iJiki
我想挂起等待数据,有什么想法吗?
最佳答案
这是怎么回事。
解决方法:向IIS发送GET或HEAD请求。 IE将根据该请求进行身份验证。完成后,发送您的POST。 IE将从POST的GET或HEAD请求(及其多汁的Windows身份验证数据)中回收TCP连接,并正确发送数据。