Internet Explorer: "Location:" directive bug

Last revised 10 September 1998, by Charles Roth.
roth@gamgee.acad.emich.edu

I. Problem Statement:

It appears that many versions of Internet Explorer (e.g., 4.01 and 5.0b1) share a bug in the parsing of URLs produced by the HTTP directive "Location:".

Specifically, when IE is presented with an HTTP directive of the form:

   Location: http://somehost.com/script.cgi?xyz#here

it ignores the "#here" page fragment indicator, and simply loads the HTML (produced by script.cgi?xyz) and positions the browser at the top of the page.

This is inconsistent with the behaviour one gets by simply typing the URL into the browser "Address" window.

This is also in marked contrast to all versions of Netscape (2.02 through 4.05), which does handle this directive as expected (load the page and position the browser at the <A NAME="here"> anchor).

II. Try it

You can try this on your own browser, which appears to be .

Direct Link: This link takes you directly to http://gamgee.acad.emich.edu/~roth/location.html?xyz#here.
CGI Link: This link takes you to the same place, by running a CGI script that generates Location: http://gamgee.acad.emich.edu/~roth/location.html?xyz#here.

Both links should produce exactly the same page, positioned at exactly the same spot in the page. If they don't, then your browser suffers from this bug, and I would appreciate knowing exactly what browser version and platform you used.

III. Results:

IE 5.01	Win/NT 4.0	succeeds
IE 5.0b1	Win/NT 4.0	fails
IE 4.01	Win98	fails
IE 4.00	MacOS	succeeds
IE 3.02	Win95	succeeds (sometimes?)
Netscape 3.01 Gold	Win95	succeeds
Netscape 4.04	Win98	succeeds
Netscape 3.04	Linux	succeeds

IV. More information

For more information about this form of a URL, see the O'Reilly books:

JavaScript: The Definitive Guide, 2nd ed, pages 546 and on, the section about URL objects and URL.hash in particular.
HTML: The Definitive Guide, 2nd ed, section 7.2.2.5, page 186.

V. Work-around

If you are writing CGI scripts that need this kind of capability, I have come up with one possible work-around. Replace all "Location:" directives that include both a "?xyz" and a "#here" as shown below. (The example assumes a shell script, but the work-around is the same for any language.)

Original code:

      echo "Location: http://somehost.com/script.cgi?xyz#here"
      echo ""

Replacement work-around:

      echo "Content-type: text/html"
      echo ""
      echo "<HTML><HEAD></HEAD>"
      echo "<BODY>"
      echo "<SCRIPT LANGUAGE='JavaScript'>"
      echo "   location.href = 'http://somehost.com/script.cgi?xyz#here';"
      echo "</SCRIPT>"
      echo "</BODY>"
      echo "</HTML>"