BUG: Content Advisor Causes Server Cookies Redirection to Fail When Server Does Not Have Content Rating (226996)


The information in this article applies to:

  • Microsoft Internet Explorer (Programming) 4.0
  • Microsoft Internet Explorer (Programming) 4.01
  • Microsoft Internet Explorer (Programming) 4.01 SP1
  • Microsoft Internet Explorer (Programming) 4.01 SP2
  • Microsoft Internet Explorer (Programming) 5
  • Microsoft Internet Explorer (Programming) 5.01
  • Microsoft Internet Explorer (Programming) 5.01 SP1
  • Microsoft Internet Explorer (Programming) 5.5
  • Microsoft Internet Explorer (Programming) 6.0
This article was previously published under Q226996

SYMPTOMS

If the Content Advisor setting is enabled on client computers, servers that do not have a content rating may fail to redirect cookies when server redirection is used.

When non-rated sites use cookies and server redirection to authenticate users or determine which pages to load, users may not be authenticated correctly, or they may be redirected to the wrong location.

RESOLUTION

There are three ways to work around this problem:
  • Use the Internet Services Manager to apply a Recreational Software Advisory Council (RSAC) rating to the site at the server. This does not work when you download an active document (.doc file or PDF) with Content Advisor enabled.
  • Change the site architecture so that it does not use a cookie to persist state.
  • Disable Content Advisor on the client computers.

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

Steps to Reproduce the Behavior

  1. Set up your Internet Information Services (IIS) server, and do not apply Content Rating. In other words, make sure that you clear the Enable Ratings for this resource check box in the Content Rating dialog box as follows:
    1. In the IIS Server Manager, right-click the default Web site node, and then click Properties.
    2. On the HTTP Headers tab, click Edit Ratings.
    3. In the Content Rating dialog box, make sure that you clear the Enable Ratings for this resource check box.
  2. Create an Active Server Pages (ASP) page named Page1.asp that does server-side redirection to pass cookies to another ASP page named Page2.asp.
  3. Create Page2.asp to display the cookies information.
  4. To enable the Content Advisor, follow these steps:
    1. On the client computers, on the Tools menu, click Options. (In Internet Explorer 4.x, on the View menu, click Options.)
    2. On the Content tab, under Content Advisor, click Enable.
    3. On the General tab, select the Users can see sites that have no rating check box.
  5. When the client computers navigate to Page1.asp, Page2.asp is returned without the cookie information.

REFERENCES

For more information about how to navigate conditionally, see the following article on the Microsoft Developer Network (MSDN):

http://msdn.microsoft.com/library/devprods/vs6/vinterdev/vidref/vihownavigatingconditionally.htm

For more information about developing Web-based solutions for Microsoft Internet Explorer, visit the following Microsoft Web sites:

http://msdn.microsoft.com/ie/

http://support.microsoft.com/iep

Modification Type:MajorLast Reviewed:5/11/2006
Keywords:kbBug kbnofix KB226996
©2004 Microsoft Corporation. All rights reserved.