Fix for security issue seems to cause problems


  • Hi

    Some weeks ago an automatic windows update seemed to contain a fix for the following issue:

    "MS12-006: Vulnerability in SSL/TLS could allow information disclosure: January 10, 2012"

    This fix seems to cause some strange problems with simultaneous HTTP request with large custom HTTP headers using a HTTPS connection (using a flash application.)


    - Flash/Flex application running inside IE browser (can be version 7, 8 or 9)

    - Flash application starts 8 simultaneous request with 3 custom http headers (each header is approx. 300 bytes). 4 requests are started immediatly by IE browser. 4 are pending. This can be made visible by start the developers tool (F12) and start capturing traffic.

    - When the first 4 requests are finished, it takes about 40 seconds when the second batch of requests are executed. This isn't correct and causes a timeout in the flash application.

    This problem does not happen when when no custom http headers are used.

    This problem does not happen when the fix is reverted.

    This problem does not happen when using other browsers

    This problem sometimes does not happen when full browsing history (ctrl-shift-del) is deleted.

    Any idea if there's a fix/solution for this problem?

    Best regards,
    Sjoerd Brandsma

    giovedì 12 aprile 2012 13:41

Tutte le risposte

  • Hi,

    this forum is for questions about html, css and scripting using MSIE browsers. I am not sure where you would find help...

    If you provide a link to your website we can have a look.... I have flash cookies disabled and the latest versions of the shockwave flash controls.



    giovedì 12 aprile 2012 20:59