My company uses a SSL Proxy for accessing internal web sites from external networks (such as the Internet). The SSL Proxy used is supplied by Juniper Networks and our networking guys have always made comments like “oh, another Juniper bug”, etc.
For my ASP.NET web sites, most of them work fine. However, on a new site that I am developing using the ASP.NET AJAX Toolkit, I noticed that the SSL Proxy messes up the script path and so the client side-JavaScript is trying to connect to a URL that isn’t reachable.
For those that haven’t worked with SSL Proxy servers or just Proxy servers. Here’s Wikipedia’s summary of a Proxy Server:
[A] proxy server is a server which services the requests of its clients by forwarding requests to other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server provides the resource by connecting to the specified server and requesting the service on behalf of the client. A proxy server may optionally alter the client’s request or the server’s response, and sometimes it may serve the request without contacting the specified server
The key part of this is that the Proxy Server alter’s the server’s response by changing all of the URLs to the proxy equivalent URL. For simple anchor tags, this works fine. However, when using JavaScript and appending variables to create a URL, the Proxy cannot detect which variables to change and so the calculated URL is what an internal user might see instead of a URL that a proxy user should see.
Okay, now on to the bug….
Since I didn’t want to dig down into the ASP.NET AJAX JavaScript source code, I just disabled partial page postbacks for all ASP.NET AJAX Toolkit controls, so everything operates in the normal ASP.NET postback methodology.
Luckily, I am using a MasterPage and I have included my ScriptManager control in this class. To disable partial page postbacks, I check to see if the user is coming from the proxy (by checking the request’s URL) and then set the EnablePartialRendering method to false.
This means that any user accessing the site via the SSL Proxy will not have access to the AJAX goodness of the site, but the site will still function properly.
Yes, I know that the lazy way to solve a problem is to just disable the feature. Our proxy user base is small and typically don’t access the many of the AJAX relevant pages.
Ajax Projects
