Article ID: 316431
Article Last Modified on 1/30/2007
APPLIES TO
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 5.5
- Microsoft Internet Explorer 5.01
This article was previously published under Q316431
SYMPTOMS
When you attempt to open or download a Microsoft Office document (.doc file, .xls file, .ppt file, and so on) from a secure Web site in Internet Explorer, you may receive one of the following error messages, even though the document is available and downloaded from the server:
Error message 1
Error message 2
Error message 3
Error message 4
The problem occurs if the server is using Secure Sockets Layer (SSL) and has added one or both of the following HTTP headers to the response message:
Pragma: no-cache Cache-control: no-cache,max-age=0,must-revalidate
CAUSE
In order for Internet Explorer to open documents in Office (or any out-of-process, ActiveX document server), Internet Explorer must save the file to the local cache directory and ask the associated application to load the file by using IPersistFile::Load. If the file is not stored to disk, this operation fails.
When Internet Explorer communicates with a secure Web site through SSL, Internet Explorer enforces any no-cache request. If the header or headers are present, Internet Explorer does not cache the file. Consequently, Office cannot open the file.
RESOLUTION
Web sites that want to allow this type of operation should remove the no-cache header or headers.
STATUS
This behavior is by design.
MORE INFORMATION
Files that are associated with Internet Explorer itself (including .txt files, .html files, .gif files, .jpg files, .xml files, and so on) do not generally have the problem. Files that are associated with non-Office applications may or may not have the problem, depending on the application.
Web developers should note that some firewalls and security programs may add these headers automatically to all outbound HTTP responses. Even if you have not configured your Web server, Internet Server Application Programming Interface (ISAPI) extension, or Active Server Pages (ASP) script to return these headers, your site may include them by default. Check with your firewall or security administrator to determine if this is the case, and discuss the security risks to your company if you choose to disable this option to allow caching for these files.
Steps to reproduce the behavior
In the Wwwroot folder for your IIS server, create a new ASP file. Name the file Testnocache.asp, and then add the following code to the file:
<% Response.ContentType = "application/msword" Response.AddHeader "Cache-control", "no-cache" %> <HTML><BODY>Test File Loaded in Microsoft Word</BODY></HTML>
- Configure your IIS server to use SSL.
On a client system that has Word installed, browse to the ASP file using HTTPS, as follows:
https://[servername]/testnocache.asp
You may be prompted to open or save the file on some systems. Regardless of which option you choose (or if you are not prompted to open or save the file), you receive an error message and are unable to open or save the file.
- Remove the AddHeader line from the ASP file, and then browse to the URL from the client. The document opens in Word.
REFERENCES
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
248107 Creating server certificates using Certificate Services Web forms
Keywords: kbprb KB316431