Closed Bug 1277496 Opened 4 years ago Closed 2 years ago
Attribute 'origin' is should be uppercase 'Origin' in firefox request header
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2754.0 Safari/537.36 Steps to reproduce: 1. When client send a http request to server 2. then this issue happen, pls check the attachment Actual results: Attribute 'Origin' is lower case Expected results: 1. Attribute 'origin' is should be uppercase 'Origin' in firefox request header 2. Pls check https://www.w3.org/TR/cors/#access-control-allow-origin-response-header
Reproducible. User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:46.0) Gecko/20100101 Firefox/46.0 Build ID: 20160511223818
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Mac OS X → All
I can't reproduce the problem on my machine. I am seeing capital 'O' for the Origin header. Can you please provide a test case I could try out on my machine? I've been testing with Nightly as well as with Fx47 Honza
Priority: -- → P3
I use 48.0a2 dev version of firefox on MAC
I can reproduce this issue on Ubuntu Firefox 48.
Moving to a hopefully more correct product/component. It would appear that Firefox isn't always sending lowercase "origin" based on comment 2, it would therefore be helpful if people could investigate more, and state if they are seeing this all the time, or what circumstances this is happening in.
Component: Developer Tools: Netmonitor → Networking
Product: Firefox → Core
Note moved to Core/Networking, as this seems to be affecting some servers that look for "Origin" rather than case-insensitive, i.e. not just a devtools display issue.
Priority: P3 → --
1] this probably doesn't come from core/networking - origin headers are generally passed into the channel from some higher level code. happy to help as far as I can though. 2] please do evangelism also with the servers. request headers are not case sensitive items, and indeed in h2 they are always all in lowercase. So a server that is making a distinction there flat out has a bug. 3] if one of the folks that can reproduce it can attach an http log (https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging) that might help us figure out where it is coming from (but see #1 - the scope of the log may not be enough.. but maybe.) ni for that reason.
I've just been talking with a couple of users on irc. We had a look at various things and they didn't have anything unusual in their profiles (no add-ons etc). At least one of them was running with e10s on FF 49. It appears that restarting Firefox (possibly via safe mode), seemed to revert it to using the uppercase "Origin" somehow. So this could be a timing issue or something else strange going on up the stack somewhere.
Bug 1301156 is similar.
I've a similar problem, but it happens just in Ubuntu's Firefox. The following headers are sent for the same request: -Ubuntu: Host: www.dentalcremer.com.br User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Access-Control-Request-Method: GET Access-Control-Request-Headers: cache-control,pragma,user-agent origin: http://busca.dentalcremer.com.br DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache ------- -Windows: Host: www.dentalcremer.com.br User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0 Accept: text/html,*/*;q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referrer: http://busca.dentalcremer.com.br Origin: http://busca.dentalcremer.com.br Connection: keep-alive
I attached some debug info regarding this case from 49.0.1/Windows. Hopefully I selected all the necessary lines from the log. At least in this log the origin header appears in both forms.
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P2
Set to P3 based on comment #8.
Priority: P2 → P3
The log shows it's in preflight. The culprit might be https://searchfox.org/mozilla-central/rev/50ba1dd30cf013bddce1ae756f1b3c95b26f0628/dom/fetch/FetchDriver.cpp#1484 We should change those literal string to nsHttp::Origin, though.
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/autoland/rev/1b9757b74504 use nsHttp::Origin instead of literal cstring r=francois
Assignee: nobody → juhsu
Flags: qe-verify+ → needinfo?(yanfzhen)
Resolution: FIXED → WORKSFORME
You need to log in before you can comment on or make changes to this bug.