Multiple values in Access-Control-Allow-Origin header field

RESOLVED INVALID

Status

RESOLVED INVALID
4 years ago
4 years ago

People

(Reporter: KitaitiMakoto, Unassigned)

Tracking

Details

(Whiteboard: [specification][type:bug], URL)

(Reporter)

Description

4 years ago
What did you do?
================
1. I sended GET request to https://developer.mozilla.org/ja/docs/Web/API/Web_Activities$json via XMLHttpRequest from my app in Firefox OS Simulator.

What happened?
==============
Error occured. Firebug said the request was blocked by same origin policy: "クロスオリジンリクエストをブロック: 同一生成元ポリシーにより、https://developer.mozilla.org/ja/docs/Web/API/Web_Activities$json にあるリモートリソースの読み込みを拒否します。リソースを同一ドメインに移動するか、CORS を有効にすると解決できます。"

Chromium said more clearly: "XMLHttpRequest cannot load https://developer.mozilla.org/ja/docs/Web/API/Web_Activities$json. The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. Origin 'null' is therefore not allowed access."

curl command result is here:
$ curl -Is https://developer.mozilla.org/ja/docs/Web/API/Web_Activities$json
HTTP/1.1 200 OK
Server: Apache
Vary: Cookie, Accept-Encoding
X-Backend-Server: developer2.webapp.scl3.mozilla.com
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Credentials: false
Date: Wed, 17 Dec 2014 16:07:28 GMT
X-kuma-revision: 709683
Access-Control-Allow-Origin: *
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ETag: "826f4d490c05b2e7b95da786dac3a947c303736b"
X-Frame-Options: DENY
Last-Modified: Wed, 17 Dec 2014 07:39:07 GMT
Access-Control-Allow-Methods: GET
X-Cache-Info: caching
Content-Length: 73217


What should have happened?
==========================
Only one Access-Control-Allow-Origin header field should appear.

Is there anything else we should know?
======================================
(Reporter)

Updated

4 years ago
OS: Other → All
Thanks for the bug. We're already tracking this in bug 1104260.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1104260
(Reporter)

Comment 2

4 years ago
Oh, I'm sorry for my duplication.
Thank you for your information.
Resolution: DUPLICATE → INVALID
You need to log in before you can comment on or make changes to this bug.