Lars Fløe Nielsen

Today I ran into a really strange problem. In fact it’s related to my post yesterday where I explained about problems you may run into when training developers. They tend to have very different configurations as well as different security settings.

Today I figured out what was wrong with one of the users. The symptoms were, - in her case:

1. Sitecore tree list field type did not do a drop down.
2. The XHTML editor did not perform. You could open it, but only sometimes view markup source, and never edit or submit the content.

In the HTML editor, sometimes I could navigate to the markup of the HTML field, and whenever this succeeded, I noticed that it contained some JavaScript code, which our application does not pass in the AJAX stream. Looking into the Script, I could see that all variables was prefixed with SYM. Immediately intrigued, I had to suspect Norton Internet Security as the culprit. I turned it off, and everything worked like a charm.

So, Googleing the topic “HttpRequest and Norton” I found that Norton interacts with XmlHttpRequests by inserting script that supposedly should secure your web page. But in this case, it’s not blocking anything malicious.

This is not the first time, this problem appears. According to the search requests it happens often for Norton Internet Security.

Unfortunately I have left the client now as I move to Bangkok tomorrow for another two days of meetings, but I did find a potential set of instructions for a potential fix. Read this set of instructions for removing Norton Internet Security’s ability to block XmlHttpRequests and try it. Comments are welcome.

Well, clock’s set to ring 5 tomorrow morning. No rest for the wicked.