[EMAIL PROTECTED] (Andrew M. Bishop):

> You need to find out what is causing the re-request to be made and
> configure something to stop that.  Obviously it must be a forced
> refresh or you would not be seeing the confirm request page.

If I reload from the cache (offline) 
[http://www.microsoft.com/technet/archive/security/news/c2faq.mspx]

The browser (galeon) says, 
<<
The page you are trying to view contains POSTDATA. If you resend the
data, any action the form carried out (such as a search or online
purchase) will be repeated. To resend the data, click OK. Otherwise,
click Cancel.
>>

and when I click on OK the resulting confirm request is for

[http://www.microsoft.com/technet/archive/security/news/c2faq.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eae312]


which is not anywhere in the cache.

In the cache index, I can see from this path only

# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42e1b68a
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42e1b712
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42e1b771
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42e1b7b0
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eadb82
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eadbfb
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eadc47
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eadf32
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eadf35
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eadf50
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42e1b690
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42e1b717
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42e1b776
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42e1b7c7
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eadb8f
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eadc0f
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eadc52
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eadf57
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eadf5f
# /technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eadf71

If I click, for example, on the first one:
# /technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42e1b68a

I get a confirmation request for
[http://www.microsoft.com/technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eae3ed]

and if I repeat this, the next confirmation request is for

[http://www.microsoft.com/technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42eae40a]

so I have to suspect that some javascript creates a POST request 
for a database file where the last few characters don't actually
belong to the ID but are randomly created on the fly to block cache
reloading, to urge visitors to update to the latest version or to have
them counted or cookied at the page again for whatever reason.

A typical header seems to be 

<<
HTTP/1.0 200 OK
Date: Sat, 30 Jul 2005 02:01:24 GMT
Server: Microsoft-IIS/6.0
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Last-Modified: Sat, 30 Jul 2005 02:01:24 GMT
Cache-Control: private
Content-Type: text/html; charset=iso-8859-1
Connection: close
Proxy-Connection: close
>>

and there's a lot of JS which I don't understand. For example,

<<

}

function footerjs(doc) {

 if (doImage==null) {

 var tt=TType==null?"PV":TType;
 doc.write('<layer visibility="hide"><div style="display:none"> <img src="http://c.microsoft.com/trans_pixel.asp?source=www&TYPE=' + tt+'&p=technet_archive_security_news&URI=%2ftechnet%2farchive%2fsecurity%2fnews%2fngscb.mspx&GUID=1F4FC18C-F71E-47FB-8FC9-612F8EE59C61&r=http%3a%2f%2fwww.microsoft.com%2fTechNet%2fmnp_utility.mspx%2fmainframe%3furl%3d7DEl8sgxZqw%2bACs3HMgCBUQLdGuKwPfx9IYdS%2fosCQLuTTU4Gn1t%2f8u0iKznAhg3%26r%3d" width=0 height=0 hspace=0 vspace=0 border=0 /> </div></layer>');

 }

}

</script>

<script language='JavaScript' src='/library/svy/broker.js'> </script>

<script>
function synctoc()
{
        if (top.MNPMenuFrame)
        {
                if (top.MNPMenuFrame.synctoc)
                {
                        top.MNPMenuFrame.synctoc();
                }
        }
}
</script>

>>

and there's for example a table cell that's maybe JS generated....?
<td class="onThisPage"><a href="#ECAA">Next-Generation Secure Computing
Base and Digital Rights Management (DRM)</a></td>

I made another experiment, and saved the cached file into /tmp and
deleted the browser headers, so that it's a valid html doc. Then I
opened it as file:/// with the browser, and voila, I can see the text,
but the browser pops up this message:
<<
The file /technet/archive/security/news/ngscb.mspx cannot be found.
Please check the location and try again.
>>

I don't actually understand the whole thing.
How do you manage to have it working for you? Disabled JavaScript?

Ah, I just found out I can request the bookmarked URL
[http://www.microsoft.com/technet/archive/security/news/ngscb.mspx]
and when I immediately click on the 'stop' button I can prevent the
wwwoffle confirm message.

If wwwoffle would pop up a message box instead of replacing the page, I
could see its contents anyway....


  °
 /\/


ps. I'm not sure if I did manage the mailer's line breaking better. How
does it perform this time?
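
An added example, not part of the original message and not WWWOFFLE's own code: it splits the `?!POST:` cache entries quoted above into path, request-body token and trailing hex field, and groups them per request. It assumes (the message does not say so) that the trailing field is a Unix timestamp in seconds written in hex; the function names and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample: four of the entries quoted in the message, one per line.
SAMPLE_INDEX = """\
/technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42e1b68a
/technet/archive/security/news/ngscb.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eadf50
/technet/archive/security/news/ngscb.mspx?!POST:c7jp C8ffVKfUtXesOy4fA.42e1b690
/technet/archive/security/news/c2faq.mspx?!POST:8hDgjN9Zqj foJpj1NlYdw.42eae312
"""

# path ? ! METHOD : body-token . 8 hex digits
ENTRY = re.compile(
    r"^(?P<path>[^?]+)\?!(?P<method>[A-Z]+):(?P<body>.+)\.(?P<stamp>[0-9a-f]{8})$"
)


def parse_entry(line):
    """Split one entry into its fields; return None if the line does not match."""
    m = ENTRY.match(line.strip())
    if m is None:
        return None
    # Assumption: the trailing field is seconds since the Unix epoch, in hex.
    when = datetime.fromtimestamp(int(m["stamp"], 16), tz=timezone.utc)
    return {"path": m["path"], "method": m["method"],
            "body": m["body"], "time": when}


def group_by_request(text):
    """Map (path, body token) -> sorted request times, skipping unparsable lines."""
    groups = defaultdict(list)
    for line in text.splitlines():
        entry = parse_entry(line)
        if entry:
            groups[(entry["path"], entry["body"])].append(entry["time"])
    return {key: sorted(times) for key, times in groups.items()}


if __name__ == "__main__":
    for (path, body), times in group_by_request(SAMPLE_INDEX).items():
        print(path, body)
        for t in times:
            print("   ", t.isoformat())
```

Under that assumption, 42eae312 decodes to 2005-07-30 02:16:50 UTC, the same morning as the Date header quoted in the message.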




