pics_IE的内容顾问，PICS评级和当今的ASP.NET Flakey

pics

GOTCHA #1: Here's a crazy thing.  Let me try to paint a word picture for you of the thing I debugged today with the info I was given in the order it was given:

GOTCHA＃1：这是一件疯狂的事情。 让我试着用给我的信息按给出的顺序为您调试今天调试过的东西的文字图片：

Symptom: "So, Scott, it appears that users using the Content Advisor feature of IE (the one that's there to prevent kids from seeing naughty things) occasionaly and apparently randomly get logged out of our website"

症状： “所以，斯科特，看来用户偶尔会使用IE的Content Advisor功能(该功能可防止孩子看到顽皮的东西)，并且显然是随机退出了我们的网站”

Me: "That sucks."

我： “真烂。”

Additional Information #1: "Turns out the get logged out when we open a new Window with target='_blank' or javascript:window.open."

附加信息＃1：“当我们使用target ='_ blank'或javascript：window.open打开新窗口时，显示注销信息。”

Me: "That IS weird.  Good luck with that."

我： “那很奇怪。祝你好运。”

Additional Information #2: "With IEHttpHeaders we see that the Forms Authentication Cookie 'disappears' when this new window opens."

附加信息2：“使用IEHttpHeaders，我们看到在打开新窗口时，表单身份验证Cookie消失了。”

Me: "Well that's just kooky talk.  Cookies don't disappear, they are either tossed with the HTTP Header set-cookie directive, or they are not passed in the Http Request."

我： “好吧，这只是胡说八道。Cookie不会消失，它们要么被HTTP Header set-cookie指令抛弃，要么未在Http请求中传递。”

Additional Information #3: "Well, turns out that when Content Advisor is OFF, the interaction looks like this:

附加信息3： “事实证明，关闭Content Advisor时，交互如下所示：

HTTP GET /somefile.aspxRESPONSE 200HTTP GET /somethingelse.aspx (we did a javascript.open)RESPONSE 302 getthisfile.aspxHTTP GET getthisfile.aspxRESPONSE 200

HTTP GET /somefile.aspx响应200 HTTP GET /somethingelse.aspx(我们做了javascript.open)响应302 getthisfile.aspxHTTP GET getthisfile.aspx响应200

But when Content Advisor is ON, we see this:

但是当Content Advisor打开时，我们会看到以下内容：

HTTP GET /somefile.aspxRESPONSE 200HTTP GET /somethingelse.aspx (we did a javascript.open)HTTP GET /RESPONSE 200RESPONSE 302 getthisfile.aspxHTTP GET getthisfile.aspxRESPONSE 200

HTTP GET /somefile.aspx响应200 HTTP GET /somethingelse.aspx(我们做了javascript.open) HTTP GET /响应200响应302 getthisfile.aspxHTTP GET getthisfile.aspx响应200

Me: "Well, crap. Who or what is asking for '/' in the middle there?  What's the Headers look like?"

我： “ W，废话。中间的那个在问'/'是谁或什么？标题是什么样子？”

Additional Information #4: "Let's see...when the Response to the GET of / comes back...oh...doh, look at that: 

附加信息4： “让我们看看……当对GET的响应返回时……哦……哦，看一下：

Set-Cookie:AUTHCOOKIE=; expires=Wednesday, 09-Nov-99 10:34:56 GMT;path=/

Me: "Hm...so clearly SOMEONE is tossing that cookie.  Well, the only place we erase that cookie is the login.aspx page.  Say, what's the DEFAULT page for this site?  It's login.aspx you say?  Oy.

我： “嗯……很明显，有人在扔那个cookie。好吧，我们唯一删除cookie的地方就是login.aspx页面。说，这个站点的DEFAULT页面是什么？您说的是login.aspx？是。

CONCLUSION: When the Content Advisor is ON, Internet Explorer will request '/' from a site anytime a new window is opened.  It does this to request and cache the PICS data from either the page or the headers.  Turned out that on our site, when we opened a new window, IE would go and request the default page '/' which is set in IIS as login.aspx...and we had if(!IsPostBack) FormsAuthentication.SignOut() automatically logging folks out to be tidy.  The Content Advisor's overzealous retrieval of our default page logged the user out.  Damned interesting.

结论：当Content Advisor处于打开状态时，只要打开新窗口，Internet Explorer就会从站点请求“ /”。 它这样做是为了从页面或标题中请求并缓存PICS数据。 事实证明，在我们的网站上，当我们打开一个新窗口时，IE会去请求默认页面“ /” ，该页面在IIS中设置为login.aspx ...，而我们拥有if(！IsPostBack)FormsAuthentication.SignOut()自动将人们注销以使其整洁。 Content Advisor对我们默认页面的过度检索使用户退出。 该死的有趣。

GOTCHA #2: One other thing to remember, if you DON'T have a PICS (Platform for Internet Content Selection) header in your Http Headers or as a META tag in your HTML then folks using Content Advisor in IE may not be able to view your site at all.

GOTCHA＃2：要记住的另一件事，如果您在Http标头中没有PICS(用于Internet内容选择的平台)标头，或者在HTML中没有META标签，则在IE中使用Content Advisor的人们可能无法查看您的网站。

So, I just added a standard "I'm harmless" PICS header to the project-wide base page (in the OnLoad).

因此，我只是向项目范围的基础页面(在OnLoad中)添加了一个标准的“我无害” PICS标头。

Response.AddHeader("pics-label","(pics-1.1 \"http://www.icra.org/ratingsv02.html\" comment \"ICRAonline EN v2.0\" l r (nz 1 vz 1 lz 1 oz 1 cz 1) \"http://www.rsac.org/ratingsv01.html\" l r (n 0 s 0 v 0 l 0))"

Response.AddHeader(“ pics-label”，“(pics-1.1 \” http：//www.icra.org/ratingsv02.html \“评论\” ICRAonline EN v2.0 \“ lr(nz 1 vz 1 lz 1盎司1 cz 1)\“ http：//www.rsac.org/ratingsv01.html \” lr(n 0 s 0 v 0 l 0))

Also, there's a great PICS Rating Generator online as well.

另外，在线上还有一个很棒的PICS评分生成器。

翻译自: https://www.hanselman.com/blog/ies-content-advisor-pics-ratings-and-the-aspnet-flakey-of-the-day

pics