BUG: IWebBrowser::Navigate May Incorrectly Send POST Request Instead of GET Request (315762)



The information in this article applies to:

  • Microsoft Internet Explorer (Programming) 5.5 SP2
  • Microsoft Internet Explorer (Programming) 6.0

This article was previously published under Q315762

SYMPTOMS

If you send a POST request that is followed by a GET request through the IWebBrowser::Navigate or the IWebBrowser2::Navigate2 method, the GET request becomes a POST request, and the POST data from the first request is posted. This may result in a security problem that posts sensitive data to another Web site.

CAUSE

Internet Explorer reuses an internal data structure from the first request (POST). Subsequently, Internet Explorer does not properly use this internal data structure with the simple GET request.

RESOLUTION

To work around this problem, send a more complicated GET request that forces Internet Explorer to re-create the internal data structure. To do this, send a navNoReadFromCache flag in the request as follows:
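// Use COM directly (instead of going through MFC or ATL).
// browser is an IWebBrowser2 pointer that the caller already holds.
VARIANTARG vDummy;       // VT_EMPTY placeholder for the unused arguments
VariantInit(&vDummy);
VARIANTARG vWorkaround;  // Flags argument
VariantInit(&vWorkaround);
vWorkaround.vt = VT_I4;
vWorkaround.lVal = navNoReadFromCache;
BSTR url = SysAllocString(L"http://www.microsoft.com");
HRESULT hr = browser->Navigate(url, &vWorkaround, &vDummy, &vDummy, &vDummy);
SysFreeString(url);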
				
NOTE: When you use this workaround, you may have to resynchronize with the server instead of pulling from the cache.

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

Steps to Reproduce Behavior

  1. Create an Active Template Library (ATL) project, and then add a Lite control.
  2. Add a WM_LBUTTONDOWN message handler in the Lite control.
  3. Include ExDisp.h and Shlguid.h at the top of the Lite control header file.
  4. Add the following code to the WM_LBUTTONDOWN handler:
    LRESULT OnLButtonDown(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL& bHandled)
    {
    	CComPtr<IWebBrowser2> browser;
    	CComPtr<IServiceProvider> isp;
    	HRESULT hr;
    
    	// Get the hosting browser from the control's client site.
    	hr = m_spClientSite->QueryInterface(IID_IServiceProvider, reinterpret_cast<void **>(&isp));
    	if (FAILED(hr))
    		return 0;
    	hr = isp->QueryService(IID_IWebBrowserApp, IID_IWebBrowser2, reinterpret_cast<void **>(&browser));
    	if (FAILED(hr))
    		return 0;
    
    	// Package the POST body as a SAFEARRAY of bytes (VT_ARRAY | VT_UI1).
    	const char* postDataString = "userid=me;password=test";
    	ULONG len = static_cast<ULONG>(strlen(postDataString));
    	CComVariant postData;
    	postData.parray = SafeArrayCreateVector(VT_UI1, 0, len);
    	if (postData.parray == NULL)
    		return 0;
    	postData.vt = VT_ARRAY | VT_UI1;
    	void HUGEP* safeData;
    	hr = SafeArrayAccessData(postData.parray, &safeData);
    	if (FAILED(hr))
    		return 0;
    	memcpy(safeData, postDataString, len);
    	hr = SafeArrayUnaccessData(postData.parray);
    
    	CComBSTR url(L"http://www.yahoo.com");
    	CComVariant targetFrame(L"_blank");
    	CComVariant vNull;
    	CComVariant flags((int)navNoReadFromCache); // workaround
    
    	// Use a different window to navigate (POST).
    	hr = browser->Navigate(url, &vNull, &targetFrame, &postData, &vNull);
    
    	// Use the original window to navigate (intended as a plain GET).
    	hr = browser->Navigate(url, &vNull, &vNull, &vNull, &vNull);
    
    	// Use the workaround to navigate.
    	//hr = browser->Navigate(url, &flags, &vNull, &vNull, &vNull);
    
    	return 0;
    }
    					
  5. Build the control, and then capture network traffic by using a tool such as Network Monitor.
  6. The ATL Wizard creates the Hypertext Markup Language (HTML) file for you so that you can have a simple HTML test page. Copy this HTML file in the project to another computer that has Microsoft Internet Information Services (IIS) because Network Monitor cannot perform network traces on the same computer.
  7. On the development computer, open the HTML page that you copied to the remote computer in Internet Explorer. Start the network trace program on the computer where the project was compiled. Click the ATL component.
  8. Stop the network trace. In the network trace, notice that the request for www.yahoo.com is a POST request instead of a GET request. The POST data from the first POST request is sent as well. In addition, notice that both Internet Explorer windows display the Yahoo error message as a result of the POST requests. However, only one Internet Explorer window should display this error message.
The problem appears only from an ActiveX control that is hosted within Internet Explorer when you follow the steps in the "Steps to Reproduce Behavior" section. If you host Internet Explorer instead, the steps to reproduce this behavior vary. However, these steps still require a sequence of mixed GET and POST requests.
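
The check in step 8 can be automated once the requests from the trace are available as raw bytes. The following is an added example, not code from the original article: it flags any POST that repeats the body of an earlier POST and marks whether it went to a different host. The host names and both traces are constructed, and a legitimate form resubmission also matches, so each finding still needs review.

```python
# Added example: constructed request data, not a real capture.
POST_BODY = b"userid=me;password=test"  # body used in the article's repro code

def build(method, host, body=b""):
    """Build one raw HTTP/1.1 request (helper for the constructed samples)."""
    head = f"{method} / HTTP/1.1\r\nHost: {host}\r\n"
    if body:
        head += f"Content-Length: {len(body)}\r\n"
    return head.encode("latin-1") + b"\r\n" + body

def parse_request(raw):
    """Split a raw request into (method, host, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method = lines[0].split(" ", 1)[0]
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    length = int(headers.get("content-length", "0"))
    return method, headers.get("host", ""), body[:length]

def find_replayed_posts(raw_requests):
    """Return (index, first_index, host, cross_host) for each POST whose
    non-empty body repeats the body of an earlier POST in the sequence."""
    first_seen = {}  # body -> (index, host) of the first POST carrying it
    findings = []
    for i, raw in enumerate(raw_requests):
        method, host, body = parse_request(raw)
        if method != "POST" or not body:
            continue
        if body in first_seen:
            first_i, first_host = first_seen[body]
            findings.append((i, first_i, host, host != first_host))
        else:
            first_seen[body] = (i, host)
    return findings

# Constructed traces: the affected sequence, and the expected one.
AFFECTED = [build("POST", "login.example.test", POST_BODY),
            build("POST", "other.example.test", POST_BODY)]  # should have been GET
EXPECTED = [build("POST", "login.example.test", POST_BODY),
            build("GET", "other.example.test")]

if __name__ == "__main__":
    for name, trace in (("affected", AFFECTED), ("expected", EXPECTED)):
        print(name, find_replayed_posts(trace))
```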

REFERENCES

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

148942 How to Capture Network Traffic with Network Monitor


Modification Type: Major
Last Reviewed: 5/10/2003
Keywords: kbbug kbpending KB315762