Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-34305

IE10 Connection Problem with secure mode (ssl/https) on some special liferay/vaadin portlet constellation

    Details

    • Browsers:
      Internet Explorer 10

      Description

      We have this constellation
      Some Liferay servers on debian servers with Jetty and are running a custom aplication vaadin portlet inside liferay.

      A haproxy service is loadbalancing the whole thing as an ssl service.

      When we make a secure connection (https/ssl) to our application with the IE10 we have allmost 60 seconds to wait until we get a response from our application.
      The problem is only when trying to open the connection in https/ssl mode.
      Liferay itself does work with IE10 but just our constellation had this problem.

      We found out that in the path liferay-portal-6.1.1-ce-ga2\jetty-7.6.3\etc\ in the file jetty-rewrite.xml there is a rule for IE5/IE6 ssl bug.
      <!-- Add rule to protect against IE ssl bug -->
      <Call name="addRule">
      <Arg>
      <New class="org.eclipse.jetty.rewrite.handler.MsieSslRule"/>
      </Arg>
      </Call>

      When we remove this rule there is no problem any more.

      Looking at the code of the class MsieSslRule
      http://www.jarvana.com/jarvana/view/org/eclipse/jetty/aggregate/jetty-all/8.0.0.M1/jetty-all-8.0.0.M1-sources.jar!/org/eclipse/jetty/rewrite/handler/MsieSslRule.java?format=ok
      we found out that this part of the code is wrong.

      int msie=user_agent.indexOf("MSIE");
      if (msie>0 && user_agent.length()-msie>5)
      {
      // Get Internet Explorer Version
      int ieVersion = user_agent.charAt(msie+5);

      if ( ieVersion<=IEv5)

      { response.setHeader(HttpHeaders.CONNECTION, HttpHeaderValues.CLOSE); return target; }

      The useragent for IE 10 is Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)
      so a char at index will give here the IE1 with is quite lower than ie5

      I think this rule in jetty-rewrite.xml is obsolete and should be removed

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                4 years, 32 weeks, 3 days ago