Opened 7 years ago

Closed 7 years ago

#17620 closed Bug (invalid)

Chrome fails with additional Content-Disposition header

Reported by: jbauer@… Owned by: nobody
Component: Documentation Version: 1.3
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


Later versions of Chrome will fail to render content if you follow this example by assigning an addition Content-Disposition header, e.g.

response['Content-Disposition'] = 'attachment; filename=somefilename.pdf'

The Chrome browser returns:

Duplicate headers received from server

The response from the server contained duplicate headers. This problem is generally the result of a misconfigured website or proxy. Only the website or proxy administrator can fix this issue.

Error 349 (net::ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION): Multiple Content-Disposition headers received. This is disallowed to protect against HTTP response splitting attacks.

Change History (1)

comment:1 Changed 7 years ago by jbauer@…

Resolution: invalid
Status: newclosed

This apparently fails only with certain kinds of filenames (embedded spaces, commas), so I'm going to mark it as invalid.

Note: See TracTickets for help on using tickets.
Back to Top