CACHE,BUFFER,系统bug还是什么? [英] CACHE, BUFFER, system bug or what?
问题描述
全部,
有人看到这种奇怪的效果吗? Web应用程序是用C#,
ASP.NET,SQL,T-SQL等编写的。很常见的东西,很复杂,但
工作正常,直到.. 。
这是一个问题。如果我在调试或发布模式下在我的本地IE上使用我的本地计算机启动此应用程序,我不会发现任何问题。如果我将
相同的应用程序上传到我在HTTPS下工作的公司服务器,这里有几种可能的方式。
1.如果高级互联网选项不保存
加密页面到磁盘,它的效果会很好。检查。
2.如果我取消选中此选项,那么如果我在我的本地IIS上运行它仍然有效
对我的本地IE,
3. ...但是如果我使用我的本地IE对我的公司服务器运行这个应用程序
那么这是一个非常有趣的错误。我可以使用
登录/密码登录一个客户端,然后我可以点击退格按钮,再次登录
页面,输入另一个登录/密码,然后单击确定并获取属于第一位患者的页面
,就像它已存储在某个缓冲区中一样,
返回给我。所有页面和整个应用程序都配置为忽略缓存,所有aspx页面都有这个标记:
< meta http-equiv =" CACHE-CONTROL" content =" NO-CACHE">
完全没有结果!这是怎么回事?操作系统是否过于愚蠢到一个会话中的
缓存页面而忽略了
程序代码中的所有设置?如果我逐个调用新页面,就不会发生这种情况,应用程序会写入
,这样每次调用它时都会生成一个新的URL
特别是为了防止任何类型的缓存,排除任何类型的缓存
以保护隐私,但我无法对返回功能做任何事情。
这个bug会杀死整个安全。为什么IIS如此疯狂地根据新的
组合登录/密码从一些缓存中返回页面
代替新的计算页面?任何想法如何避免这个问题?服务器上运行的
系统是Windows 2000 Advanced Server。我的本地系统
这个问题没有出现是Windows XP专业版。如果我连接到远程
服务器没有机器和/或操作系统,我收到这个
问题。但为什么?如果我检查上面提到的选项 - 请勿保存
加密页面到磁盘它很棒。一个新的M $洞或什么?
我也在调试器中看到,如果我点击Backspace按钮,之前的
页面假设没有回发并执行一个简短的模式
跳过if(!IsPostBack){}。也许我应该更接近玩?
是否有人看到这类问题以及解决方案是什么?
只是D.
All,
Did anybody see this strange effect? The web application is written in C#,
ASP.NET, SQL, T-SQL, etc. A pretty usual stuff, complicated enough, but
works fine until...
Here is a question. I don''t see any problem if I start this app on my local
computer against my local IE both in debug or release modes. If I upload the
same app to my corporate server where it works under HTTPS here are a few
possible ways.
1. It works just great if the Advanced Internet option "Do not save
encrypted pages to disk" is checked on.
2. If I uncheck this option then it still works if I run it on my local IIS
against my local IE,
3. ... but if I run this app against my corporate server with my local IE
then here is a very interesting bug. I''m able to login as one client using
his login/password, then I can click the Backspace button, get the login
page again, enter another login/password, then click OK and get the page
belonging to the first patient like it was already stored in some buffer and
returned back to me. All pages and the whole app are configured to ignore
the cache, all aspx pages are having this tag:
<meta http-equiv="CACHE-CONTROL" content="NO-CACHE">
No results at all! What''s going on? Is the operating system too stupid to
cache pages inside one session and ignore all settings made right in the
program code? It doesn''t happen if I call new pages one by one, the app is
written so that it generates a new URL every time when it''s called
especially to prevent any type of caching, any type of caching is excluded
to protect the privacy, but I can do nothing to the return back feature.
This bug kills the whole security. Why IIS is so crazy to return the page
from some cache in place of a new calculated page according to the new
combination login/password? Any ideas how to avoid this issue? The operating
system on the server is Windows 2000 Advanced Server. My local system where
this issue doesn''t appear is Windows XP Pro. If I connect to the remote
server ragardless of the machine and/or operating system I''m receiving this
issue. But why? If I check the option mentioned above in - "Do no save
encrypted pages to disk" it works great. A new M$ hole or something?
I also see in debugger that if I click the Backspace button the previous
page "supposes" that there were no a postback and executes a short schema
skipping the if (!IsPostBack){}. Maybe I should play with it closer? Did
anybody see this kind of issues and what was the solution?
Just D.
推荐答案
hole或者什么?
我也在调试器中看到,如果我单击Backspace按钮,之前的
页面假设没有回发并执行一个简短的模式
跳过if(!IsPostBack){}。也许我应该更接近玩?
是否有人看到这类问题以及解决方案是什么?
Just D.
hole or something?
I also see in debugger that if I click the Backspace button the previous
page "supposes" that there were no a postback and executes a short schema
skipping the if (!IsPostBack){}. Maybe I should play with it closer? Did
anybody see this kind of issues and what was the solution?
Just D.
文字内联。
" Just D." < no@spam.please>在消息中写道
news:gjxTe.71633
Hi,
Text inline.
"Just D." <no@spam.please> wrote in message
news:gjxTe.71633
Ji4.70484@fed1read03 ...
Ji4.70484@fed1read03...
这是一个题。如果我在我的本地计算机上以调试或发布模式对我的本地IE启动此应用程序,我不会发现任何问题。如果我将相同的应用程序上传到我在HTTPS下工作的公司服务器,这里有几种可能的方法。
1.如果高级互联网选项 ;不要将加密的页面保存到磁盘上检查。
2.如果我取消选中此选项,那么如果我在我的本地
IIS上对我的本地IE运行它仍然有效,
什么错误你看到什么时候上传到服务器?
3. ...但如果我用我的本地IE对我的公司服务器运行这个应用程序
那么这是一个非常有趣的错误。我可以使用他/她的登录名/密码作为一个客户登录,然后我可以点击Backspace按钮,再次登录
页面,输入另一个登录名/密码,然后点击确定并获取页面
属于第一个患者,它已经存放在某个缓冲区中并返回给我。所有页面和整个应用程序都配置为忽略缓存,所有aspx页面都有此标记:
< meta http-equiv =" CACHE-CONTROL"含量= [否-CACHE">
发布您在页面中使用的代码,我敢打赌这是一个编程错误
比操作系统更重要。
为了确定,在检查登录名/密码之前先做一个Session.Abandon()
这样可以保证你以前的会话将被丢弃。
没有结果所有!这是怎么回事?操作系统是否过于愚蠢,以便在一个会话中缓存页面并忽略在程序代码中所做的所有设置?如果我逐个调用新页面就不会发生这种情况,应用程序会被编写,以便每当它被调用时生成一个新的URL,特别是为了防止任何类型的缓存,任何类型的缓存都被排除在外以保护隐私,但我对返回功能无能为力。
这个bug会破坏整个安全性。为什么IIS根据新的
组合登录/密码从某些缓存返回页面来代替新的计算页面是如此疯狂?任何想法如何避免这个问题?服务器上的
操作系统是Windows 2000 Advanced Server。我的本地
系统没有出现这个问题是Windows XP专业版。如果我连接到远程服务器没有机器和/或操作系统,我将收到此问题。但为什么?如果我检查上面提到的选项 -
不要将加密的页面保存到磁盘它很棒。一个新的M
Here is a question. I don''t see any problem if I start this app on my
local computer against my local IE both in debug or release modes. If I
upload the same app to my corporate server where it works under HTTPS here
are a few possible ways.
1. It works just great if the Advanced Internet option "Do not save
encrypted pages to disk" is checked on.
2. If I uncheck this option then it still works if I run it on my local
IIS against my local IE,
What error you see when uploaded to the server?
3. ... but if I run this app against my corporate server with my local IE
then here is a very interesting bug. I''m able to login as one client using
his login/password, then I can click the Backspace button, get the login
page again, enter another login/password, then click OK and get the page
belonging to the first patient like it was already stored in some buffer
and returned back to me. All pages and the whole app are configured to
ignore the cache, all aspx pages are having this tag:
<meta http-equiv="CACHE-CONTROL" content="NO-CACHE">
Post the code you are using in the page, I bet this is a programming error
more than a OS matter.
Just to be sure, do a Session.Abandon() before checking the login/password
this will assure you that the previous session will be discarded.
No results at all! What''s going on? Is the operating system too stupid to
cache pages inside one session and ignore all settings made right in the
program code? It doesn''t happen if I call new pages one by one, the app is
written so that it generates a new URL every time when it''s called
especially to prevent any type of caching, any type of caching is excluded
to protect the privacy, but I can do nothing to the return back feature.
This bug kills the whole security. Why IIS is so crazy to return the page
from some cache in place of a new calculated page according to the new
combination login/password? Any ideas how to avoid this issue? The
operating system on the server is Windows 2000 Advanced Server. My local
system where this issue doesn''t appear is Windows XP Pro. If I connect to
the remote server ragardless of the machine and/or operating system I''m
receiving this issue. But why? If I check the option mentioned above in -
"Do no save encrypted pages to disk" it works great. A new M
这篇关于CACHE,BUFFER,系统bug还是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
