Code

Opened 2 years ago

Closed 2 years ago

#17620 closed Bug (invalid)

Chrome fails with additional Content-Disposition header

Reported by: jbauer@… Owned by: nobody
Component: Documentation Version: 1.3
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Later versions of Chrome will fail to render content if you follow this example by assigning an addition Content-Disposition header, e.g.

response['Content-Disposition'] = 'attachment; filename=somefilename.pdf'

The Chrome browser returns:

Duplicate headers received from server

The response from the server contained duplicate headers. This problem is generally the result of a misconfigured website or proxy. Only the website or proxy administrator can fix this issue.

Error 349 (net::ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION): Multiple Content-Disposition headers received. This is disallowed to protect against HTTP response splitting attacks.

Attachments (0)

Change History (1)

comment:1 Changed 2 years ago by jbauer@…

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to invalid
  • Status changed from new to closed

This apparently fails only with certain kinds of filenames (embedded spaces, commas), so I'm going to mark it as invalid.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.