问题描述:

A user of ours has an issue when trying to access one of our web application's views (IE9; behavior appears consistent across 6, 8, and 9, but not across domain accounts). For this specific user's Windows domain account, regardless of which credentials are used to access our application, or which machine's browser is used; an attempt to access certain views results in IE displaying the error message "The stylesheet does not contain a document element. The stylesheet may be empty, or it may not be a well-formed XML document."

Other domain accounts are unable to reproduce this error, nor are we when we VPN and use our own browsers, despite following the exact same process, with the exact same application credentials, same permissions and group memberships for domain accounts, matching versions of IE9 (also tested using 8 and 6). We have on the order of 50 separate customers using this version of the application, with no such issues.

There is nothing in the webapp logs that sheds any light on this; the requests and responses for the success and failure case are exactly identical.

Manually appending the request to the URL in the browser's address bar causes IE to render the XML response we expect. The XML returned from the browser request, in both failure and success cases, appears to be well-formed.

The web application in question has been static for some time preceding this error. The customer's IT organization has verified that permissions and group memberships are identical between the Domain accounts that can reproduce the error, and those that cannot.

Any suggestions? Can OLE or ODBC driver setup affect XML parsing at the Domain account level? Could Internet Explorer similarly be affected across a different machines, for the same domain account, while having identical group memberships and permissions as accounts which are unable to reproduce this behavior?

I am able to intermittently get the problem domain account to display the page correctly after clearing everything except Download History and passwords within the browser, however this is a minority of the time, and after a few requests max (usually the first one though) the error message is displayed.

网友答案:

The ACCEPT header changes either when the page is cached or the referer is updated, and apparently this domain does not have permissions on the document. As a result, the MIME type of the stylesheet changes from application/xml or text/xsl to *.* or text/html. The solution is to check the ACCEPT header and prevent caching or redirect the bad requests:

# Skip Opera
RewriteCond %{HTTP_USER_AGENT} !Opera 

# Check the Accept header for text/html
RewriteCond %{HTTP_ACCEPT} text\/html [OR]

# Check the Accept header for image type or *.*
RewriteCond %{HTTP_ACCEPT} gif|jpeg|png$|\*.\*$

# Forbid access if the file extension matches XSLT
RewriteRule .*\.(xsl|xslt)$ - [F]
相关阅读:
Top