IE 10 HTTP 401 Error on ajax POST

Question

I've been chasing down an issue and decided to make the most basic reproduction of the issue possible in hopes that a simplified question will help me resolve this.

I am receiving a 401 when posting to a web service via ajax in javascript. I will include as much information as well as all of the troubleshooting steps I have tried.

I created a test page on the root of my site and tried both plain JS and jquery for the ajax call with the same results. I've included the jquery commented out...

Page

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//" "http://www.w3.org/TR/html4/loose.dtd">

<head>

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js"></script>

<script type="text/javascript">
/*$(document).ready(function() {
    $('#button').click(function() {
        var ID = 2;
        var firstname = $('#First_Name').val();
        var lastname = $('#Last_Name').val(); 

        $.ajax({
            type: 'POST',
            url: '/service/name/service.aspx/ChangeName',
            contentType: 'application/json; charset=utf-8',
            dataType: 'json',
            data: '{ "ID": "' + ID + '", "firstName": "' + firstname + '", "lastName": "' + lastname + '" }',
            success: function() {
                console.log('success');

            },
            error: function(d) {
                console.log(d.responseText);
            }
        });
    });
});*/

function runAjax() {
    //Create Http request depending on browser
    var xmlhttp;
        if (window.XMLHttpRequest)
          {// code for IE7+, Firefox, Chrome, Opera, Safari
          xmlhttp=new XMLHttpRequest();}
        else
          {// code for IE6, IE5
          xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");}

    xmlhttp.onreadystatechange=function(){
      if (xmlhttp.readyState==4 && xmlhttp.status==200){
        document.getElementById("myDiv").innerHTML=xmlhttp.responseText;}
      }

    // Function to create 
    var url = "/service/name/service.aspx/ChangeName";
    xmlhttp.open("POST",url,true);
    xmlhttp.setRequestHeader("Content-Type", "application/json; charset=utf-8");
    var data=JSON.stringify({ "ID": "2", "firstName": "John", "lastName": "Doe" });
    xmlhttp.send(data);
}
</script>
</head>
<body>
<div id="myDiv">
      <table width="100%" cellpadding="3" cellspacing="0">
        <tbody>
        <tr>
            <td width="34%">
                <div align="right">
                    <strong>First Name: </strong>
                </div>
            </td>
            <td>
                <div>
                    <input name="First_Name" type="text"id="First_Name" size="20">
                </div>
            </td>
        </tr>
        <tr>
            <td>
                <div align="right">
                    <strong>Last Name: </strong>
                </div>
            </td>
            <td>
                <input name="Last_Name" type="text" id="Last_Name" size="20">
            </td>
        </tr>
      </tbody>
      </table>

      <div align="center">

        <input id="button" type="button" value="Update Student Details" onclick="runAjax();" style="margin:5px;">

        </div>
    </div>
</body>
</html>

Now in every browser except for IE10 this works fine. In fiddler it shows that IE is getting a 401 response

Request Headers fiddler

POST http://dev.mysite/service/name/service.aspx/ChangeName HTTP/1.1
Accept: */*
Content-Type: application/json; charset=utf-8
Referer: http://dev.mysite/test_page.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
Content-Length: 46
DNT: 1
Host: dev.mysite
Pragma: no-cache

{"ID":"2","firstName":"John","lastName":"Doe"}

Response Headers fiddler

HTTP/1.1 401 Unauthorized
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.0
jsonerror: true
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Thu, 07 Mar 2013 01:12:05 GMT
Content-Length: 105
Proxy-Support: Session-Based-Authentication

I enabled Failed Request Tracing on the server and this is the information it gives me for that call:

Failed Request Log iis

1. -GENERAL_REQUEST_START

• SiteId - 2
• AppPoolId - ASP.NET v4.0
• ConnId - 1610622306
• RawConnId - 0
• RequestURL - http://dev.mysite:80/service/name/service.aspx/ChangeName
• RequestVerb - POST

2. -FILTER_START

• FilterName - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_filter.dll

3. -FILTER_END

4. -AspNetStart

• ConnID - 0
• Context ID - {00000000-0000-0000-6425-0080000000BF}
• Data1 - POST
• Data2 - /service/name/service.aspx
• Data3 -

5. -GENERAL_REQUEST_END

• BytesSent - 359
• BytesReceived - 440
• HttpStatus - 401
• HttpSubStatus - 0

Things I found by simplifying the ajax request was that it is not only a Windows 8 problem and that turning compatibility mode on does not work either.

I have tried disabling the Kernel-mode authentication in IIS, I've triple checked permissions on the web service folder, followed these suggestions, I've even tried placing the web service in the same directory as the page. All with the same result... Any direction or assistance is greatly appreciated.

Answer 1

I know this is an old question but I came upon it because I was having a similar problem. This is what worked for me, however - once I added this to web.config I stopped getting the 401 error:

<webservices>
    <protocols>
        <add name="HttpGet"></add>
        <add name="HttpPost"></add>
    </protocols>
</webServices>

Answer 2

Just curious if it's the same issue I had.

Does adding a slash at the end of your URL fix the issue in IE 10? e.g.

/service/name/service.aspx/ChangeName/

instead of

/service/name/service.aspx/ChangeName

If so then Eric Lawrence of Fiddler and IE fame explains it here, http://blogs.msdn.com/b/ieinternals/archive/2010/11/22/internet-explorer-post-bodies-are-zero-bytes-in-length-when-authentication-challenges-are-expected.aspx