Attribute 'origin' is should be uppercase 'Origin' in firefox request header
Categories
(Core :: Networking, defect, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox65 | --- | fixed |
People
(Reporter: yanfzhen, Assigned: CuveeHsu, NeedInfo)
References
Details
(Whiteboard: [necko-next])
Attachments
(3 files)
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2754.0 Safari/537.36 Steps to reproduce: 1. When client send a http request to server 2. then this issue happen, pls check the attachment Actual results: Attribute 'Origin' is lower case Expected results: 1. Attribute 'origin' is should be uppercase 'Origin' in firefox request header 2. Pls check https://www.w3.org/TR/cors/#access-control-allow-origin-response-header
Comment 1•8 years ago
|
||
Reproducible. User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:46.0) Gecko/20100101 Firefox/46.0 Build ID: 20160511223818
Updated•8 years ago
|
Updated•8 years ago
|
Comment 2•8 years ago
|
||
I can't reproduce the problem on my machine. I am seeing capital 'O' for the Origin header. Can you please provide a test case I could try out on my machine? I've been testing with Nightly as well as with Fx47 Honza
Comment 4•8 years ago
|
||
I can reproduce this issue on Ubuntu Firefox 48.
Same issue! please fix it Application Basics ------------------ Name: Firefox Version: 48.0 Build ID: 20160728203720 User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:48.0) Gecko/20100101 Firefox/48.0 OS: Linux 4.4.0-34-generic x86-64 Multiprocess Windows: 0/1 (Disabled) Safe Mode: false Important Modified Preferences ------------------------------ browser.cache.disk.capacity: 358400 browser.cache.disk.filesystem_reported: 1 browser.cache.disk.smart_size.first_run: false browser.cache.disk.smart_size.use_old_max: false browser.cache.frecency_experiment: 1 browser.download.importedFromSqlite: true browser.places.smartBookmarksVersion: 8 browser.sessionstore.upgradeBackup.latestBuildID: 20160728203720 browser.startup.homepage_override.buildID: 20160728203720 browser.startup.homepage_override.mstone: 48.0 browser.urlbar.daysBeforeHidingSuggestionsPrompt: 3 browser.urlbar.lastSuggestionsPromptDate: 20160816 dom.apps.reset-permissions: true extensions.lastAppVersion: 48.0 media.gmp-gmpopenh264.abi: x86_64-gcc3 media.gmp-gmpopenh264.lastUpdate: 1471351125 media.gmp-gmpopenh264.version: 1.5.3 media.gmp-manager.buildID: 20160728203720 media.gmp-manager.lastCheck: 1471438648 media.gmp.storage.version.observed: 1 network.cookie.prefsMigrated: true network.predictor.cleaned-up: true places.database.lastMaintenance: 1471354530 places.history.expiration.transient_current_max_pages: 104858 plugin.disable_full_page_plugin_for_types: application/pdf plugin.importedState: true privacy.cpd.offlineApps: true privacy.cpd.siteSettings: true privacy.sanitize.timeSpan: 2 security.OCSP.enabled: 0 storage.vacuum.last.index: 0 storage.vacuum.last.places.sqlite: 1471354530 Important Locked Preferences ---------------------------- JavaScript ---------- Incremental GC: true Accessibility ------------- Activated: false Prevent Accessibility: 0 Library Versions ---------------- NSPR Expected minimum version: 4.12 Version in use: 4.12 NSS Expected minimum version: 3.24 Basic ECC Version in use: 3.24 Basic ECC NSSSMIME Expected minimum version: 3.24 Basic ECC Version in use: 3.24 Basic ECC NSSSSL Expected minimum version: 3.24 Basic ECC Version in use: 3.24 Basic ECC NSSUTIL Expected minimum version: 3.24 Version in use: 3.24 Experimental Features --------------------- Sandbox ------- Seccomp-BPF (System Call Filtering): true Seccomp Thread Synchronization: true User Namespaces: true Media Plugin Sandboxing: true
Comment 6•8 years ago
|
||
Moving to a hopefully more correct product/component. It would appear that Firefox isn't always sending lowercase "origin" based on comment 2, it would therefore be helpful if people could investigate more, and state if they are seeing this all the time, or what circumstances this is happening in.
Comment 7•8 years ago
|
||
Note moved to Core/Networking, as this seems to be affecting some servers that look for "Origin" rather than case-insensitive, i.e. not just a devtools display issue.
Comment 8•8 years ago
|
||
1] this probably doesn't come from core/networking - origin headers are generally passed into the channel from some higher level code. happy to help as far as I can though. 2] please do evangelism also with the servers. request headers are not case sensitive items, and indeed in h2 they are always all in lowercase. So a server that is making a distinction there flat out has a bug. 3] if one of the folks that can reproduce it can attach an http log (https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging) that might help us figure out where it is coming from (but see #1 - the scope of the log may not be enough.. but maybe.) ni for that reason.
Comment 9•8 years ago
|
||
I've just been talking with a couple of users on irc. We had a look at various things and they didn't have anything unusual in their profiles (no add-ons etc). At least one of them was running with e10s on FF 49. It appears that restarting Firefox (possibly via safe mode), seemed to revert it to using the uppercase "Origin" somehow. So this could be a timing issue or something else strange going on up the stack somewhere.
Updated•8 years ago
|
Comment 10•8 years ago
|
||
Bug 1301156 is similar.
Comment 11•8 years ago
|
||
I've a similar problem, but it happens just in Ubuntu's Firefox. The following headers are sent for the same request: -Ubuntu: Host: www.dentalcremer.com.br User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Access-Control-Request-Method: GET Access-Control-Request-Headers: cache-control,pragma,user-agent origin: http://busca.dentalcremer.com.br DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache ------- -Windows: Host: www.dentalcremer.com.br User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0 Accept: text/html,*/*;q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referrer: http://busca.dentalcremer.com.br Origin: http://busca.dentalcremer.com.br Connection: keep-alive
Comment 12•8 years ago
|
||
I attached some debug info regarding this case from 49.0.1/Windows. Hopefully I selected all the necessary lines from the log. At least in this log the origin header appears in both forms.
Comment 13•8 years ago
|
||
Comment 15•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Assignee | ||
Comment 17•6 years ago
|
||
The log shows it's in preflight. The culprit might be https://searchfox.org/mozilla-central/rev/50ba1dd30cf013bddce1ae756f1b3c95b26f0628/dom/fetch/FetchDriver.cpp#1484 We should change those literal string to nsHttp::Origin, though.
Assignee | ||
Comment 18•6 years ago
|
||
Assignee | ||
Comment 19•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=9075b3bb9a64be75f033ccdcad123d0469c647bd&selectedJob=209522759
Assignee | ||
Updated•6 years ago
|
Comment 20•6 years ago
|
||
Pushed by nbeleuzu@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/1b9757b74504 use nsHttp::Origin instead of literal cstring r=francois
Comment 21•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/1b9757b74504
Updated•6 years ago
|
Updated•5 years ago
|
Comment 22•5 years ago
|
||
Hello,
Unfortunately, I can't reproduce this issue using the Fx Nightly BuildID: 20160602030220 on Windows 10 x64, Ubuntu 18.04 x64 and macOS X 10.14.
Maybe I am missing something?
On the FX Nightly BuildID: 20160602030220 and the current Fx Beta 65.0b11 the response header always shows Origin with uppercase.
Comment 24•5 years ago
|
||
Hello,
Yanfzhen can you please help us with reproducing this issue and seeing if its fixed on Fx Beta 65.0b12? Any help would be much appreciated.
Comment 25•5 years ago
|
||
Could not reproduce.
Version: 65.0b12
Build ID: 20190117232427
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:65.0) Gecko/20100101 Firefox/65.0
Comment 26•5 years ago
|
||
Seeing as this issue can no longer be reproduced either on the original build Fx Nightly BuildID: 20160602030220 or the current Fx Beta 65.0b12 I think its best to mark this issue as verified fix.
Description
•