How to force IE to use HTTP/1.1 over SSL through Proxy

Hey OldandEvil,

 

Welcome to Microsoft Answers Forum!

May I know the version of Operating System you are running (Windows Vista or XP)?

 

Follow the steps below to force the Internet Explorer to use HTTP/1.1  though Proxy Connection.

a. Open Internet Explorer.

 

b. Click on Tools, select Internet Options.

 

c. Select the Advance tab; look for the HTTP 1.1 settings.

 

d. Place a check mark on ‘Use HTTP 1.1 through Proxy connection’.

 

e. Click Ok. 

This should fix the issue you are experiencing.

 

Let us know if this helps you.

 

Regards,

Manasa P - Microsoft Support.

The OS is XP.

All normal settings: IE -> Tools -> Internet Options -> Advance Tab -> all HTTP settings have been turned on and off within IE and within the registry.

The options in IE only change the HKCU settings. The KB article http://support.microsoft.com/kb/947513 outlines the wininet.dll tries to reference the HKLM settings. Since the settings are modified in HKCU, they do not exist in HKLM.
Even adding the settings to HKLM, it still sends out HTTP/1.0.

I have reasearched this for a month and still cannot find a way to force it to use 1.1!
FYI: We have various versions of IE all running on XP (2000+ users). IE6-IE8 all show the same problem. With various connections to SSL sites, not a single one through our proxy is 1.1 that came from IE.

Hi,

I would recommend checking Windows XP specific resources to get best possible answers to your issue.

http://support.microsoft.com/kb  
http://www.microsoft.com/windowsxp
http://windowshelp.microsoft.com/Windows/en-US/usingwindowsxp.mspx
http://www.microsoft.com/windowsxp/expertzone/newsgroups.mspx






Regards
Sreekanth

Thanks for the links. I have already been to each one and searched. Any link referencing IE brings me to this forum.

I guess I will have to set up a vista workstation and test to see if it does the same thing.

Still would like to know if there is a way to change the URL request headers and http version (besides the non-functioning registry settings) regardless of OS, IE version, hotfix, etc.

I set up a Vista workstation and tested the HTTP/1.0 vs HTTP/1.1 through proxy.

The SSL connection was sent out as HTTP/1.0 just like XP.

2009-09-28 16:35:59 192.168.1.106 - - 164 200 TCP_TUNNELED 1744 920 CONNECT 443 tcp myweb.test.com / - - NONE 12.154.90.12 - OBSERVED HTTP/1.0 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506)"

So, the issue is not just XP.

Internet Explorer sends SSL requests through a proxy as HTTP/1.0. How can I force it to use 1.1?
The registry settings do not change the request as stated in the KB articles.

I also noticed that the header field also adds "pragma: no-cache" which I do not want.

These apparently are the default settings for IE6-8 in which I cannot find a way to force 1.1 or change the no-cache.

Are you sure?  I thought SSL would imply HTTPS which would make HTTP settings irrelevant.

Do you have a Fiddler2  trace of this?  Fiddler2 can trace  HTTPS   but you will see certificate issues from doing it because it then appears as a "man-in-the-middle" security risk.

As for the "no-cache" symptom in this scenario, perhaps you have checked:
   Do no save encrypted pages to disk
(in Options, Advanced tab, Security section)

BTW a possibly better place to check all the facts being discussed by your case would be the Fiddler Google Groups Discussion group, linked to from here:

http://www.enhanceie.com/Fiddler/help/httpsdecryption.asp


Good luck

Robert Aldwinckle
---

Robert,
Out of curiosity, how would the fiddler groups be able to assist me in modifying or getting IE fixed to send proper HTTP(S) requests?

So far I have identified IE as an issue with some SSL sites. Because it sends the request out as HTTP/1.0 instead of HTTP/1.1. Firefox sends the requests as 1.1 and does not exibit the issues that IE does. One example: HTTP/1.0 does not have persistant connections. Sending a request in 1.0 will cause every request to establish a new connection. With other issues on top of this, the request/response is slow and can be locked up for 5 minutes. The lower the number of requests, the less likely the user will be slow or lock up. I am trying to eliminate every possible cause. Without being able to force IE to use 1.1, I cannot eliminate IE as the cause. Documentation on this behavior can be found at:
http://www.research.att.com/~bala/papers/h0vh1.html

Information pertaining to wininet.dll and HTTP/1.0 can be found at: http://kbalertz.com/947513/Internet-Explorer-requests-instead-requests-connect.aspx and the KB article I referenced above.

To sum things up:

IE 6, 7 and 8 in XP sends out SSL connection using HTTP/1.0 instead of 1.1.
IE 7 in Vista also sends out SSL connections using 1.0.

I have followed instructions found in KB articles and web sites (wininet.dll points to HKLM instead of HKCU).

So, my question still remains as, how do I force IE to send HTTP/1.1 over SSL?

My next test will be Windows 7 and I will bet that it will also send it 1.0. WHY? 1.0 is in the caveman days!!! Why is it even an option? Or maybe the option should be to use 1.0 and use 1.1 by default????

Robert,
Out of curiosity, how would the fiddler groups be able to assist me in modifying or getting IE fixed to send proper HTTP(S) requests?

Because Eric Lawrence is more likely to be there than here?

So far I have identified IE as an issue with some SSL sites. Because it sends the request out as HTTP/1.0 instead of HTTP/1.1.

You were using an explicit port 443  with an HTTP request?  As I mentioned usually 443 is the default port for HTTPS.  I'm not really surprised to see IE doing quirky things with an explicit port request, especially with that port.   Do you have control of the server?  E.g. I'm wondering what would happen if you tried any other port but 443.  ; )

Firefox sends the requests as 1.1 and does not exibit the issues that IE does. One example: HTTP/1.0 does not have persistant connections. Sending a request in 1.0 will cause every request to establish a new connection. With other issues on top of this, the request/response is slow and can be locked up for 5 minutes. The lower the number of requests, the less likely the user will be slow or lock up. I am trying to eliminate every possible cause. Without being able to force IE to use 1.1, I cannot eliminate IE as the cause. Documentation on this behavior can be found at:
http://www.research.att.com/~bala/papers/h0vh1.html

Information pertaining to wininet.dll and HTTP/1.0 can be found at: http://kbalertz.com/947513/Internet-Explorer-requests-instead-requests-connect.aspx and the KB article I referenced above.

I suspect that's something else but your last article does raise an interesting point which seems to be missing in both of your examples:

<quote>
If the URL references a port other than the default (TCP port 80), this is also given in the Host header.
</quote>