Closed Bug 1152162 Opened 5 years ago Closed Last year

Accept-Ranges parsing

Categories

(Core :: Networking, defect, P3)

defect

Tracking

()

RESOLVED FIXED
mozilla63
Tracking Status
firefox63 --- fixed

People

(Reporter: mnot, Assigned: kershaw)

Details

(Whiteboard: [necko-triaged])

Attachments

(1 file, 1 obsolete file)

MediaResource.cpp do_QueryInterface() parses the HTTP Accept-Ranges header like this:

    nsAutoCString ranges;
    hc->GetResponseHeader(NS_LITERAL_CSTRING("Accept-Ranges"),
                          ranges);
    bool acceptsRanges = ranges.EqualsLiteral("bytes");

This means that if the string "bytes" shows up in the header at all, it will match -- making it error-prone if a range using that sequence of characters is ever defined (e.g., "newbytes" as recently proposed on the HTTP WG mailing list).

The syntax isn't difficult to parse, it's a comma-separated list of tokens with optional whitespace (the same as several other headers):
  http://httpwg.github.io/specs/rfc7233.html#header.accept-ranges

(found by Rodger Combs on the IETF HTTP WG mailing list)
Correction: the existing implementation would only match if the header value is exactly "bytes", so it'd be error-prone if the server listed multiple range units including "bytes".
QA Whiteboard: [triaged]
Component: DOM: Device Interfaces → Audio/Video
Component: Audio/Video → Networking
Hi Kershaw,
Would you take a look at this bug?
Thanks!
Flags: needinfo?(kechang)
Priority: -- → P3
Whiteboard: [necko-triaged]
Summary:
Simply use nsHttp::FindToken to parse Accept-Ranges header.

Thanks.
Assignee: nobody → kershaw
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Flags: needinfo?(kershaw)
Attachment #8998157 - Flags: review?(valentin.gosu)
Attachment #8998157 - Flags: review?(valentin.gosu) → review+
Carry r+.
Attachment #8998157 - Attachment is obsolete: true
Attachment #8998172 - Flags: review+
Keywords: checkin-needed
Pushed by aiakab@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/5472b2d8b9a0
Correct parsing Accept-Range header, r=valentin
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/5472b2d8b9a0
Status: ASSIGNED → RESOLVED
Closed: Last year
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
You need to log in before you can comment on or make changes to this bug.