Login/Register
GWT-RPC and the infamous sporadic "StatusCodeException: 0" exception revisited
Asked Answered
Solved gwtxmlhttprequestsubdomainsame-origin-policygwt-rpc
J

1

7

My problem is the infamous "StatusCodeException: 0" problem happening when using GWT 2.6.1 when accessing page via subdomain https://sub.site.com/.

Now, this happens quite sporadically for one customer using IE11 and I can't reproduce this from several distinct computers using IE11, IE10, IE9 or IE8 (not to talk about Chrome or Firefox).

Accessing exactly the same webapp from https://site.com/ seems to work fine for that customer.

This obviously lead me to conclusion that I'm having problem with Same Origin Policy.

What is strange though is that my webapp is designed in the way that no cross-domain or cross-subdomain requests are made. Same goes for no cross-protocol as well no cross-port requests. In other words, Same Origin Policy is not violated in this situation. As a confirmation of that, I can provide following proof:

While being at customer site I've seen how this is reproduced: customer starts using application and everything works fine - all requests are returning response normally. Then, after several minutes of working, exactly the same requests on the same page (without reloads) starts to fail with StatusCodeException: 0.

Basically, both https://sub.site.com and https://site.com points to the same IP, and there is only one Tomcat webapp serving exactly the same resources both for https://sub.site.com and https://site.com.

Another proof would be the codebase of the single GWT module itself: there I use only one instance of one service called DashboardService:

public class DashboardModule extends EntryPoint implements IDashboardModule {

    private final DashboardServiceAsync dashboardService = createDashboardService();

    @Override
    public void onModuleLoad() {
        // loading of module elements 
        // dashboardService is passed as a parameter so only one instance is used
    }

    /**
     * PLEASE SEE QUESTION #1 BELOW CODE SNIPPET
     */
    private static final String DASHBOARD_REQUEST_URL = "request";

    private static DashboardServiceAsync createDashboardService() {
        final DashboardServiceAsync service = GWT.create(DashboardService.class);
        ((ServiceDefTarget) service).setServiceEntryPoint(DASHBOARD_REQUEST_URL);
        return service;
    }
}

=================================== EDIT ====================================

After looking in the console at customer location, the error was always the following:

SCRIPT7002: XmlHttpRequest: network error 0x2ee4, ...

so it seems that this has nothing to do with Same-Origin Policy, because as per this article it is described as ERROR_INTERNET_INTERNAL_ERROR An internal error has occurred.

It's a pity, but I've found only 2 mentions of this error which were not resolved: Error under IE10 and Error under IE11.

I have an assumption that customer is very probably accessing site through some proxy which slightly changes the requests and IE can't handle them.

Question 1: does anybody knows how can I simulate or reproduce mentioned error locally?

Question 2: does anybody knows how this problem can be gracefully worked around?

Question 3: is it ok to simply retry the request, or this request may have reached the server and modify it, so retrying it may produce duplicate modification?

Will try to setup forwarding proxy to simulate possible customer setup to at least reproduce mentioned error...

I greatly appreciate any help!

Jackinthepulpit answered 30/7, 2014 at 11:33 Comment(7)
It's not a SOP Violation. Do other customers use your webapp? If so, i would suggest the customer has a special session treatment.Instrumentation
@Instrumentation I thought about networking problem as well, but what is suspicious is that somewhy it's working normally on https://site.com/ for that customer.Jackinthepulpit
@Instrumentation you were right - it's not SOP Violation, it's some internal network error - please see my edit. Do you have any ideas concerning this? I would greatly appreciate any help, since I've already spent 2 days trying to solve thisJackinthepulpit
if it is a post request you have maybe a problem with the certification. connect.microsoft.com/IE/feedback/details/877525/… #16313438Instrumentation
@Instrumentation ok, I'll check that. Thanks a lot for hintJackinthepulpit
I am facing the same problem. Did you find any solution ?Favata
@Raj ahhh, yes, sorry - will respond in half an hourJackinthepulpit
J
8

Ok, so after bugging with this problem for a workweek I finally managed to solve it.

Actually, I was able to reproduce very similar problem locally when I installed Apache2 server in front of Tomcat and accessed it from another VirtualBox Win7 host with IE11. This gave me sporadic StatusCodeException: 0 with Network error 0x2ef3 though but the behaviour was very similar: GWT-RPC requests started to fail after a minute or so. This was reproducable in IE10 and IE11 but working fine in IE8 and IE9 :) (is IE getting crappier with new versions?)

Locally I was able to fix that problem by simply disabling Keep-alive functionality for IE browsers by adding following lines to /etc/apache2/sites-enabled/default-ssl.conf Apache2 ssl configuration file:

    # following line was added
    BrowserMatch "Trident" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

</VirtualHost>
</IfModule>

This basically tells Apache2 not to use keep-alive, use special SSL handling and generally downgrade to HTTP 1.0 standard whenever user-agent string in request has Trident word (matches IE11 and IE10 and possibly earlier IEs)

This added Connection: close HTTP header to each response and seemed to work fine locally.

On customers site this wasn't still working and produced the same Network error: 0x2ee4.

It may be worth noting that customer was using McAfee Web Gateway as forwarding proxy which stood in the middle of browser <-> server communication.

Long story short, I found out that the problem was in the following: when page loads there are multiple GET requests being sent to server to get the page, resources etc. Then after 10 seconds of using it (my webapp is single-page-application, so user may spend more than 10 minutes on same page) only GWT-RPC requests are being made to the server which are POST requests. And after a minute of using this page (I suspect 1 minute = keep-alive timeout of proxy server) these POST requests start randomly fail with 0x2ee4 network error.

After I implemented GWT-RPC retry functionality, I found out that after 30 seconds of retries simply ALL GWT-RPC requests fail with above error. Refreshing the page was solving this problem again for a minute or so and then same story happened.

So, I figured out that CRAPPY IE11 and IE10 are incorrectly handling combination of SSL, Keep-alive and POST requests. It seems that сrappy IE10 and IE11 simply can't renew keep-alive ssl connection using POST requests and only do this using GET requests. Please note that Chrome, Firefox and other normal browsers are handling this situation quite well. When inspecting how Firefox behaves in such situation in Firebug: it can be clearly seen that POST request is made, then it is shown as aborted for like 0.5s and then this it is shown as successful (I suspect that Firefox handles this specific situation and makes GET request to server itself to renew SSL keep-alive connection and then retries POST request)

So, to fix this problem in IE I simply implemented functionality which "pings" server with GET request every 5 seconds (be ready to experiment with this time since this is most probably related to customer's proxy keep-alive timeout).

This made it work (please note that above Apache2 configuration hack is not needed in this case)

I really hope that this will help people with similar issue and save their time

Resources used:

  1. IE Network Error 0x2ef3 question 1
  2. IE Network Error 0x2ef3 question 2
  3. IE Network Error 0x2ef3 question 3
  4. Awesome q&a on how to implement transparent GWT-RPC retry functionality

P.S. Will I report this IE10 and IE11 issue to Microsoft? - really I'm not eager spending 30+ minutes of my time reporting issue on commercial crappy IE browser issue after I've already spent more than a week of finding out the problem.

I insist on recommending Chrome or Firefox or other normal browser to customers as viable alternative and I still think that IE11 is not suited for modern websites with AJAX

Jackinthepulpit answered 13/8, 2014 at 9:40 Comment(1)
Thanks for your investigation. I was sure that retry mechanism should work. But you opened my eyes.Phthisic

© 2022 - 2024 — McMap. All rights reserved.