Microsoft KB Archive/923155

= You cannot use the POST method to post data to a Web server on a Windows XP SP2-based computer =

Article ID: 923155

Article Last Modified on 9/11/2007

-

APPLIES TO


 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Professional

-



Important This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry



SYMPTOMS
Consider the following scenario. On a Windows XP SP2-based computer, you use Microsoft Internet Explorer 6 to open a Web page. You try to use the POST method to post data to the Web server that hosts the Web page. In this scenario, you cannot post the data to the Web server. This problem occurs if the Web server uses the Kerberos version 5 authentication protocol to improve security.

Note This problem only occurs when you use the POST method for the first time. If you click the Back button to go back to the Web page, and then you post the data again, you can successfully post the data to the Web server.



CAUSE
This problem occurs because of a defect in the WinINet.dll file. When you try to post data to the Web server in Internet Explorer 6, the WinINet.dll file obtains new credentials, and then the WinINet.dll file frees the original security context. Then, the WinINet.dll file calls the InitializeSecurityContext function to initiate the outgoing client-side security context.

In this scenario, the WinINet.dll file will not check whether the authentication scheme of the Web server is NTLM authentication or Kerberos authentication. Because of the defect, the WinINet.dll file expects that the Web server uses the NTLM authentication scheme. Therefore, the authentication fails, and you cannot post data to the Web server.



Hotfix information
A supported hotfix is now available from Microsoft. However, it is intended to correct only the problem that is described in this article. Apply it only to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Windows XP service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Customer Support Services to obtain the hotfix. For a complete list of Microsoft Customer Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Prerequisites
To apply the hotfix, Windows XP Service Pack 2 (SP2) must be installed on the computer.

Restart requirement
You have to restart the computer after you apply this hotfix.

Hotfix replacement information
This hotfix does not replace any other previously released hotfixes.

Registry information
Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To enable the hotfix, follow these steps:  Click Start, click Run, type regedit, and then press ENTER. Locate the following registry subkey, and then click it:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl

 On the Edit menu, point to New, and then click Key. Type the following subkey name, and then press ENTER:

FEATURE_FIX_KERBEROS_POST_KB923155

 On the Edit menu, point to New, and then click DWORD Value. Type iexplore.exe, and then press ENTER.</li> On the Edit menu, click Modify.</li> In the Value data box, type 1, and then click OK.</li> Exit Registry Editor.</li></ol>

Note To disable the hotfix, type 0 in the Value data box in step 8.

File information
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Windows XP with SP2, x86-based versions
<div class="status_section">

STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

<div class="moreinformation_section">

MORE INFORMATION
For more information about the InitializeSecurityContext function, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/aa375506.aspx

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Additional query words: kerberos, HTTP, POST

Keywords: kbexpertiseadvanced kbfix kbpubtypekc kbqfe kbhotfixserver KB923155

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.