IE10用户代理导致 ASP.Net 不返回 Set-Cookie (IE10未设置 Cookie)

摘要

在使用 IE10时,ASP.Net 不会返回 Set-Cookie头文件。这意味着,例如,当使用 Forms Authentication 时,您不能使用 IE10登录到 ASP.Net 站点。

细节

我们目前正在测试我们的一个遗留网络应用程序对 IE10[预览2]。

当尝试使用 FormsAuthentication 登录时,如果用户代理是 IE10的用户代理,则响应中不会出现 Set-Cookie头。我们已经试过了,一片空白。净值2及。网址4。

因为我们不能/不愿意相信,我们甚至在使用了所有常用工具之后,通过 telnet手动运行后续 HTTP 请求,得到了相同的响应。

GET http://test.ourdomain.co.uk/ HTTP/1.1
Accept: */*
Host: test.ourdomain.co.uk
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)
Content-Length: 0

上述 HTTP 请求在响应中不返回 Set-Cookie。然而,如果我们只是改变用户代理的 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/6.0)它的工作!

还有人能复制这个吗?除了一个影响非标准 URL 模式的问题外,我找不到任何关于 IE10 cookie 的已知问题。

修复程序

Devio发布原始答案后,通过一个变通方案,无效已经确认现在有一个 修复这个

Http://support.microsoft.com/kb/2600088

我已经把修补程序提升到主要问题,因为它只是方便将来参考,但请对用户提到的投赞成票。

48267 次浏览
小开
最佳答案

Found this entry on MS Connect, the behavior is a recognized bug.

Suggested Workaround (from the entry):

== Workaround ==

In the meantime to make it work and to avoid similar issues in the future, I use a file ~\App_Browsers\BrowserFile.browser with the following:

<browsers>
<browser refID="Default">
<capabilities><!-- To avoid wrong detections of e.g. IE10 -->
<capability name="cookies" value="true" />
<capability name="ecmascriptversion" value="3.0" />
</capabilities>
</browser>
</browsers>
小开

There is a hotfix available for this issue[1].

1) http://support.microsoft.com/kb/2600088
1) http://support.microsoft.com/kb/2600217 (replaces previous KB)

Also, [2] suggests that this will hit Windows Update in January of 2012.

2) http://www.hanselman.com/blog/BugAndFixASPNETFailsToDetectIE10CausingDoPostBackIsUndefinedJavaScriptErrorOrMaintainFF5ScrollbarPosition.aspx

小开

The problem rests with some IIS instances thinking that IE10 is a cookieless browser (i.e. cant support cookies). In our problem case the server was setting the authentication cookie and sending it back to the browser, but was then ignoring the cookie on subsequent requests.

The solution is to either patch the browser capabilities so that it knows IE10 can do cookies (outlined in another answer on this page), or change the default behaviour to force it to use cookies even if it thinks the browser can’t do cookies.

We just added the following to our forms section in web.config:

cookieless="UseCookies"

<authentication mode="Forms">
<forms name=".AUTH" cookieless="UseCookies" loginUrl="/" timeout="10000" path="/" />
</authentication>
小开

Thanks You for the Help. It worked no.

  1. I copied the file from the site to C:\WINDOWS\microsoft.net\Framework\v2.0.50727\CONFIG\Browsers

  2. Run In Command Prompt C:\WINDOWS\microsoft.net\Framework\v2.0.50727>aspnet_regbrowsers.exe -i

  3. Restart the IIS.

  4. Tested the site and it works without any error.

Thanks Again for the Feed back

小开

An update for nullptr answer.

I tried today to download the Microsoft KB2600088. After receiving the link by email, I clicked on it then it lead me the page that says it is no longer available.

Try this: http://support.microsoft.com/kb/2600217

That link is a replace ment for KB2600088 and KB2628838.

MIcrosoft .Net Framework 4.5 is also available now.

小开

Installed the various patches that everyone's mentioning and for whatever reason the problem was not resolved.

Installed .NET Framework 4.5 Full and the problem went away.

You don't have to update any projects to target 4.5. Just install it on the server.


提交答案