Event 1065 - Web Proxy Error Handling Changes

Applies To: Windows 7, Windows Vista

To address a known security issue in the Secure Hypertext Transfer Protocol (HTTPS), Windows® Internet Explorer® 8 will block any content that is returned from a failed CONNECT command through a proxy server. For example, when a browser attempts to go through a proxy server to a security-enabled site, the proxy server will mediate the establishment of a security-enabled tunnel that connects the communication between the browser and the target server. If the proxy server fails to create this tunnel, then the connection will be unable to reach the target server, which will generate an error message and cause the content to fail to appear in the browser.

How Does This Work?

To facilitate this new security feature, Internet Explorer 8 includes a modification to the Microsoft® Win32® Internet (WinInet) connection. If a connection is not fully established to the target server, then the WinInet connection will fail to return content back to the browser. When the browser detects that the connection failed at the WinInet level, it will then downgrade the protocol to http:// and change the host name in the Address bar to the name of the proxy server.

When Is This Event Logged?

This event is logged when Internet Explorer attempts to make a security-enabled connection to a specified server. Internet Explorer detects this event when it fails to create a Secure Sockets Layer (SSL) tunnel to the origin server through the proxy server.

Remediation

There is no workaround for this security feature. You must be aware that this feature exists and then design your Web site accordingly.

See Also

Concepts

Known Internet Explorer Security Feature Issues