We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

View Complete Thread
  • Re: Edge, Chrome Version 90 - Cookie Reverse Proxy Not Working

    Apr 21, 2021 11:01 AM|Dawid_Szczecin|LINK

    I can fully agree "This is impossible" but anyway the bahavior of client could maybe influence how the IIS proxy treat the requests. The problem described here accours when no development has been done on server, only client browser version change. 

    I develop simple test page, and simple response on application serwer to debug the problem. 

    <!DOCTYPE html> 
    <html>
      <head>
        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
        <title>XHR Test</title>
      </head>
      <body>
       <button>Send XHR main_msg</button>
       <button>Create a cookie</button>
       <button>delete cookie</button>
       <div id='log'></div>
      </body>
      <script>
    /*TIMESTAMP***********************************************************************************************************/
    function actual_timestamp()
    {
    var d = new Date();
    return d.getFullYear()+'-'+('0'+(d.getMonth()+1)).substring(('0'+(d.getMonth()+1)).length-2)+'-'+('0'+d.getDate()).substring(('0'+d.getDate()).length-2)+' '+('0'+d.getHours()).substring(('0'+d.getHours()).length-2)+':'+('0'+d.getMinutes()).substring(('0'+d.getMinutes()).length-2)+':'+('0'+d.getSeconds()).substring(('0'+d.getSeconds()).length-2);
    }
    /*POST FUNCTION*******************************************************************************************************/
    function communicate(url,requester_id,post_data) 
    {
    var request = new XMLHttpRequest();
    let key = sessionStorage.getItem('key');
    request.open('POST',url, true);
    request.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    request.timeout = 45000;
    request.ontimeout = function(){console.log('timeout');alert('Server timeout');location.reload();}
    request.onerror = function(){console.log('Error');alert('Server error');location.reload();}
    request.onload = function()
    {
      if (request.status >= 200 && request.status < 400) 
      {
        document.getElementById('log').innerHTML+=actual_timestamp()+' '+request.responseText+'<br>';
      }
    }
    request.send(post_data);
    }
    /*BUTTONS***********************************************************************************************************/
      document.getElementsByTagName('button')[0].addEventListener('click',function(){
          document.getElementById('log').innerHTML+=actual_timestamp()+' Request Send<br>';
          setTimeout(function() {
            communicate('./main_msg','main','');
          }, 500);
      });
      document.getElementsByTagName('button')[1].addEventListener('click',function(){
          document.getElementById('log').innerHTML+=actual_timestamp()+' Cookie set client side<br>';
          document.cookie = "ID=123;path=/;";
      });
      document.getElementsByTagName('button')[2].addEventListener('click',function(){
          document.getElementById('log').innerHTML+=actual_timestamp()+' Clear cookie<br>';
          document.cookie.split(';').forEach(function(c) {
            document.cookie = c.trim().split('=')[0] + '=;' + 'expires=Thu, 01 Jan 1970 00:00:00 UTC;';
          });
      });
    /********************************************************************************************************************/
      </script>
    </html>

    The application server response is simple JSON text with empty 2D array. When cookie do not exist in the request, proxy forwards the request to application. When cookie exist on client side, the proxy do not forwards anything (no request logged on application server) IIS just reponse imidiately with 502.3.