Opened 4 years ago

Closed 4 years ago

#17620 closed Bug (invalid)

Chrome fails with additional Content-Disposition header

Reported by: jbauer@… Owned by: nobody
Component: Documentation Version: 1.3
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


Later versions of Chrome will fail to render content if you follow this example by assigning an addition Content-Disposition header, e.g.

response['Content-Disposition'] = 'attachment; filename=somefilename.pdf'

The Chrome browser returns:

Duplicate headers received from server

The response from the server contained duplicate headers. This problem is generally the result of a misconfigured website or proxy. Only the website or proxy administrator can fix this issue.

Error 349 (net::ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION): Multiple Content-Disposition headers received. This is disallowed to protect against HTTP response splitting attacks.

Change History (1)

comment:1 Changed 4 years ago by jbauer@…

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to invalid
  • Status changed from new to closed

This apparently fails only with certain kinds of filenames (embedded spaces, commas), so I'm going to mark it as invalid.

Note: See TracTickets for help on using tickets.
Back to Top