Detailed information in console when firefox blocks a request with an authorization header greater than 5000 bytes

UNCONFIRMED
Unassigned

Status

()

Core
Networking
P3
normal
UNCONFIRMED
a year ago
7 months ago

People

(Reporter: martin.wiesmueller, Unassigned, NeedInfo)

Tracking

({testcase-wanted})

50 Branch
testcase-wanted
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [necko-triaged])

(Reporter)

Description

a year ago
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Steps to reproduce:

I'm the developer auf an Angular2 App who is designed in an MEAN Stack. For the authorization we use a JSON Web Token in requests headers.

Reproduce:
Starts a request to a rest API with a token in Authorization-Header. The token must be greater than 5000 Bytes.








Actual results:

When the token length is greater than 5000 Bytes, Firefox blocks the request. But that is not the Problem. That Firefox blocks the request is fine. The Problem is the diagnostic of this operation. 

Firefox returns follow error: 
Object { _body: error, status: 0, ok: false, statusText: "", headers: Object, type: 3, url: null }

This error and the developers network analysis tool looks like a problem with CORS. 

So we invested a lot of time in the wrong direction to search the error. :-)


Expected results:

It would have been very easy if a message appeared in the console. That would save a lot of time :-)

Updated

a year ago
Component: Untriaged → DOM
Product: Firefox → Core

Comment 2

a year ago
Martin, could you provide a simple testcase to reproduce the issue?
Flags: needinfo?(martin.wiesmueller)
Keywords: testcase-wanted
I'm curious if the Necko team has thought about messaging here.
Component: DOM → Networking
Flags: needinfo?(martin.wiesmueller)
Can you provide us a simple test case?
Flags: needinfo?(martin.wiesmueller)
Priority: -- → P3
Whiteboard: [necko-triaged]
You need to log in before you can comment on or make changes to this bug.