Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. BUG: Internet Explorer 6 does not correctly handle the percent character (%) in a URL in the OBJECT tag

BUG: Internet Explorer 6 does not correctly handle the percent character (%) in a URL in the OBJECT tag

View products that this article applies to.

This article was previously published under Q326980

↑ Back to the top

Symptoms

When hosted in Internet Explorer, a Microsoft .NET Windows Form control may not load correctly when the URL contains a percent character (%).

↑ Back to the top

Cause

The percent character (%) is considered unsafe because it is used for encoding of other characters. In a URL, all unsafe characters must be encoded (for example, % is encoded as %25).

For example, when you move to a page using the following URL, Internet Explorer decodes %2545 into %45 and successfully finds the HTML page:
http://webserver/%2545/iehosting.html
However, the Web server for the .NET WinForm control responds in the following manner:
  • When Internet Explorer requests the Web server for the .NET WinForm control, the following URL is used (note the %45):
    URL http://webserver/%45/ieControl.dll
  • The Web server decodes this URL in the following order:
    • %45 translates to 0x45
    • 0x45 is 69
    • %45 translates to the character E
  • As a result, the last location where the Web server looks for the control is http://webserver/E/ieControl.dll (note the E, instead of %45).

    Because Internet Explorer cannot find the control, it does not load.

↑ Back to the top

Status

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

↑ Back to the top

More information

When Internet Explorer requests the Web server for ieControl.dll, it is designed to send the URL "as is", without decoding %2545 into %45. The server expects an encoded string, not one that has already been decoded.

This is a problem with the OBJECT tag and prevents managed code in the OBJECT tag from working in this situation. It basically redirects requests from one URL to another, that is, redirects this URL:
http://webserver/%45/ieControl.dll
to this URL:
http://webserver/E/ieControl.dll

Steps to Reproduce the Behavior

  1. Create a Windows Control Library project.
  2. Compile the control, and then name it ieControl.dll.
  3. Create an HTML page, and then host Windows Form control in Internet Explorer with an OBJECT tag.
    <HTML>
<BODY><BR/>
This is a WinForm control, hosted in Internet Explorer demonstration:
<OBJECT id=myControl classid="ieControl.dll#myControl" width=500  height=500>
</OBJECT>
</BODY>
</HTML>
  4. Save the HTML page as Iehosting.html.
  5. Create a directory named %45 under wwwroot of your Web server.
  6. Copy the Iehosting.html and IeControl.dll files to the directory.
  7. Start Internet Explorer, move to the page at http://webserver/%2545/iehosting.html, and then verify that the .dll does not load correctly.

↑ Back to the top

References

For more information about URL encoding, visit the following Network Working Group (Request for Comments 1738) Web site:
Uniform Resource Locators
http://www.rfc-editor.org/rfc/rfc1738.txt

↑ Back to the top

Keywords: KB326980, kbfix, kbbug, kbvs2002sp1sweep

↑ Back to the top

Article Info
Article ID : 326980
Revision : 4
Created on : 9/14/2005
Published on : 9/14/2005
Exists online : False
Views : 540