User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36 Steps to reproduce: Firefox 47.0a1 (2016-01-26) will not connect to the HTTP2-operated site <https://staging.paperhive.org/>. It's sister-sites, e.g., https://paperhive.org/ are using HTTP1, and Firefox runs fine. This can be reproduced with all recent versions of FF. Google Chrome connects to all sites flawlessly. Actual results: The relevant server log is ``` 123.45.678.901 - - [16/Feb/2016:23:03:03 +0100] https staging.paperhive.org "GET / HTTP/2.0" 200 1396 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0" ``` The server is running on nginx-1.9.11.
its possible this is invalid and we need to file a bug in the chromium tracker.. but let's get the details first
Yes, this looks invalid to me. Relevant lines from my http log connecting to staging.paperhive.org: 2016-02-17 01:23:04.393463 UTC - [Socket Thread]: V/nsHttp Http2Decompressor::DoLiteralInternal literal name public-key-pins 2016-02-17 01:23:04.393467 UTC - [Socket Thread]: V/nsHttp Http2Decompressor::Disallowing folded header value pin-sha256="WmuEAjQqSF32DYit8/5JM3+plvIqG4knkk+6id qHgk4="; pin-sha256="Mew2AZRS9FqcP51jEM1ENSANw4qsrUrNgoP5+pP3ZRc="; max-age=604800; report-uri="https://report-uri.io/report/euSh4uuka0ohNgie" 2016-02-17 01:23:04.393469 UTC - [Socket Thread]: V/nsHttp HTTP decompressor literal without index public-key-pins pin-sha256="WmuEAjQqSF32DYit8/5JM3+plvIqG4knk k+6idqHgk4="; pin-sha256="Mew2AZRS9FqcP51jEM1ENSANw4qsrUrNgoP5+pP3ZRc="; max-age=604800; report-uri="https://report-uri.io/report/euSh4uuka0ohNgie" Note the newlines - the server is misbehaving for an h2 world (I suspect blind translation of http/1.1 headers as we saw in an earlier bug about folded header values, but can't be sure).
Note: some of those newlines (specifically the newlines in the middle of the first pin-sha256) are copypastas from my terminal, not original newlines from the server. The rest of the newlines (after each ;) are present in what we receive from the server.
can you file the bug in the chromimum tracker and close this?
Thanks everyone for investigating! https://code.google.com/p/chromium/issues/detail?id=587402&thanks=587402&ts=1455703065
thank you! I know the googlers have indicated in the past they would enforce that..