Girish_Kamat
asked on
HttpSendRequest fails with last error as 12007 for servers like http://gnk/e5net or http://10.1.1.1/e5net
After installing latest security patch for Internet Explorer 6.0 on Microsoft Windows XP/2000 HttpSendRequest on HTTP(Port 80) returns error message 12007 for servers like http://gnk/e5net or http://10.1.1/e5net but resolves http://gnk or http://10.1.1.1 (all on intranets) correctly. If you reinstall IE6 without this patch the application works perfectly but if you install patch again the problem recurs. Installing new wininet.dll dated 6 feb also does not solve this problem or is this problem due to wininet.dll dated 6 february. What is work around. I am making calls from client component which uses IE as container but the problem persists even if I make call from ordinary dll.
regards
regards
ASKER
answer to Mercantilum
1.If I enter address by hand in the browser then it is able to access the site and retrieve data.
2.HttpSendRequest fails to resolve server address even with trailing slash.
1.If I enter address by hand in the browser then it is able to access the site and retrieve data.
2.HttpSendRequest fails to resolve server address even with trailing slash.
I saw your post about POSTs previously and I guess the problem is linked.
According to some threads on newsgroup it is likely that the header returned by your server(s) may not cope with the patch you applied.
When you say that it can resolve http://10.1.1.1 for instance, you mean it can access to it - it works, right ?
[ since actually in both cases, http://10.1.1.1 and http://10.1.1.1/e5net the same resolution - well just the straight IP - is done ].
1. can you confirm that http://10.1.1.1 works normally
Besides that I'd like to know a bit more about these 2 servers
2. what kind of servers are http://10.1.1.1 and qnk [is it the same - eg qnk addr is 10.1.1.1 ?] ? Apache, IIS, and their version
What do you expect in this directory /e5net ?
3. What kind of data is returned from the folder e5net - html, dir listing .... ?
We'll get it little by little :)
According to some threads on newsgroup it is likely that the header returned by your server(s) may not cope with the patch you applied.
When you say that it can resolve http://10.1.1.1 for instance, you mean it can access to it - it works, right ?
[ since actually in both cases, http://10.1.1.1 and http://10.1.1.1/e5net the same resolution - well just the straight IP - is done ].
1. can you confirm that http://10.1.1.1 works normally
Besides that I'd like to know a bit more about these 2 servers
2. what kind of servers are http://10.1.1.1 and qnk [is it the same - eg qnk addr is 10.1.1.1 ?] ? Apache, IIS, and their version
What do you expect in this directory /e5net ?
3. What kind of data is returned from the folder e5net - html, dir listing .... ?
We'll get it little by little :)
What kind of process is making that call? If it is a Service, or is otherwise running under the LocalSystem account, perhaps it does not have proper privledges to access the intranet host.
-- Dan
-- Dan
ASKER
Answer to Mercantilum
1. http://10.1.1.1 works normally. The application is ERP application with 20+ connected users. Before patch it use to run as http://10.1.1.1/e5net where e5net is virtual directory.
2. Server is IIS 5.0 on Windows 2000. gnk is machine name so on intranet both http:/10.1.1.1 and http://gnk resolves to same address.
Directory e5net has isapi dlls with e5net.dll being called by http server which in turn calls other dlls.
3.Isapi dlls returns text data which is interpreted by the client component which does the presentation and supports data input and interaction with server. The return data size can be as small as 2048 characters to 2-3 MB of data for very large reports.
Answer to DanRollins.
Basically its ERP client where user starts browser and types url http://10.1.1.1/e5net in IE6 browser window. This loads default.htm The relevant portion of default.htm is
quotes <frame name="banner" scrolling="no" noresize target="contents" src="e5net.dll?kfn=Login&"
marginwidth="0" marginheight="0"> endquotes
Even with new patch this call is invoked and Login Screen is flashed which is active-X based proprietary component. The component handles navigation between different fields and for validation of password communicates with server. Hereafter all communiction is based on Wininet calls using the same server settings.
Priviledges may not be the issue since when the address is typed by the hand in browser window same commands work perfectly ok. This application is in use with number of our clients for more than a year and only those clients who have applied this patch this communication fails. Further we are still able to access using this syntax from Win98 machines since this patch is not applied on these machines. So problem is less likely to be server side problem. Further as I said if we go for fresh installation of IE6 (using original CD) on these machines the solutions works.
(as a workaround after installing this patch the users use only http://10.1.1.1 since we have changed default web site pointing to our physical directory c:\enterprise on the server).
We have verified using our proprieary web server which we use for debugging and testing the we do not receive any data from client even aftre HttpSendRequest is made in this particular case even when both client and server is on the same machine (Windows XP home edition on the notebook computer) using same addresses (on different intranet).
regards.
Since I am in Mumbai,India please accept delay in my responses which are due to time differences.
1. http://10.1.1.1 works normally. The application is ERP application with 20+ connected users. Before patch it use to run as http://10.1.1.1/e5net where e5net is virtual directory.
2. Server is IIS 5.0 on Windows 2000. gnk is machine name so on intranet both http:/10.1.1.1 and http://gnk resolves to same address.
Directory e5net has isapi dlls with e5net.dll being called by http server which in turn calls other dlls.
3.Isapi dlls returns text data which is interpreted by the client component which does the presentation and supports data input and interaction with server. The return data size can be as small as 2048 characters to 2-3 MB of data for very large reports.
Answer to DanRollins.
Basically its ERP client where user starts browser and types url http://10.1.1.1/e5net in IE6 browser window. This loads default.htm The relevant portion of default.htm is
quotes <frame name="banner" scrolling="no" noresize target="contents" src="e5net.dll?kfn=Login&"
marginwidth="0" marginheight="0"> endquotes
Even with new patch this call is invoked and Login Screen is flashed which is active-X based proprietary component. The component handles navigation between different fields and for validation of password communicates with server. Hereafter all communiction is based on Wininet calls using the same server settings.
Priviledges may not be the issue since when the address is typed by the hand in browser window same commands work perfectly ok. This application is in use with number of our clients for more than a year and only those clients who have applied this patch this communication fails. Further we are still able to access using this syntax from Win98 machines since this patch is not applied on these machines. So problem is less likely to be server side problem. Further as I said if we go for fresh installation of IE6 (using original CD) on these machines the solutions works.
(as a workaround after installing this patch the users use only http://10.1.1.1 since we have changed default web site pointing to our physical directory c:\enterprise on the server).
We have verified using our proprieary web server which we use for debugging and testing the we do not receive any data from client even aftre HttpSendRequest is made in this particular case even when both client and server is on the same machine (Windows XP home edition on the notebook computer) using same addresses (on different intranet).
regards.
Since I am in Mumbai,India please accept delay in my responses which are due to time differences.
My suggestion was based on the observation that many O/S patches are related to plugging security holes. It is possible that this latest SP considers the old way of business to be exploitable (thought I can't think exactly why, I always admit that many hackers are smarter than me and smarter than some people at Microsoft).
When you do it from a browser, you are using your own active credentials. When you do it from an ISAPI filter or other IIS-run process, then a different set of credentials are in play and that set of credentials is severely limited in some respects.
So, you should at least consider the possibility that there in no bug in the latest SP, that instead the behavior that you witness is in fact a new safety feature.
-- Dan
When you do it from a browser, you are using your own active credentials. When you do it from an ISAPI filter or other IIS-run process, then a different set of credentials are in play and that set of credentials is severely limited in some respects.
So, you should at least consider the possibility that there in no bug in the latest SP, that instead the behavior that you witness is in fact a new safety feature.
-- Dan
ASKER
I agree wtih that possibility. However what concerns me immediately is that do not have to ask all my clients to stop using virtual webs for our software. From microsoft explanation on side effects of these patches, lot of legitimate functionality has been taken out (e.g. userId and password in URLs which is good), but is taking out virtual web functionality is also intentional or side effect of some changes they have made in parsing logic. Do I have to wait for patch or assume that this functionality is out of bounds for wininet calls or their is workaround even now.
regards
regards
I hope you can get things worked out. I just don't have enough experience to offer reasonable advice. You might need to change your program in some way to workaround the changes....
This question has been classified as abandoned. I will make a recommendation to the moderators on its resolution in approximately one week. I would appreciate any comments by the experts that would help me in making a recommendation.
It is assumed that any participant not responding to this request is no longer interested in its final deposition.
If the asker does not know how to close the question, the options are here:
https://www.experts-exchange.com/help.jsp#hs5
Tinchos
EE Cleanup Volunteer
It is assumed that any participant not responding to this request is no longer interested in its final deposition.
If the asker does not know how to close the question, the options are here:
https://www.experts-exchange.com/help.jsp#hs5
Tinchos
EE Cleanup Volunteer
PAQ/refund
No comment has been added lately, so it's time to clean up this question.
I will leave the following recommendation for this question in the Cleanup topic area:
PAQ with points refunded
Please leave any comments here within the next four days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
Tinchos
EE Cleanup Volunteer
I will leave the following recommendation for this question in the Cleanup topic area:
PAQ with points refunded
Please leave any comments here within the next four days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
Tinchos
EE Cleanup Volunteer
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
2. http://gnk/e5net/ and http://10.1.1/e5net/ with a trailing slash just in case