1330604 - Detailed information in console when firefox blocks a request with an authorization header greater than 5000 bytes

Status: RESOLVED INCOMPLETE

(Core :: Networking, defect, P3)

Description

[martin.wiesmueller]

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Steps to reproduce:

I'm the developer auf an Angular2 App who is designed in an MEAN Stack. For the authorization we use a JSON Web Token in requests headers.

Reproduce:
Starts a request to a rest API with a token in Authorization-Header. The token must be greater than 5000 Bytes.








Actual results:

When the token length is greater than 5000 Bytes, Firefox blocks the request. But that is not the Problem. That Firefox blocks the request is fine. The Problem is the diagnostic of this operation. 

Firefox returns follow error: 
Object { _body: error, status: 0, ok: false, statusText: "", headers: Object, type: 3, url: null }

This error and the developers network analysis tool looks like a problem with CORS. 

So we invested a lot of time in the wrong direction to search the error. :-)


Expected results:

It would have been very easy if a message appeared in the console. That would save a lot of time :-)

Comment 1

[martin.wiesmueller]

Additional Message in Stackoverflow:

http://stackoverflow.com/questions/26033983/what-is-the-maximum-size-of-jwt-token

Comment 2

[Loic]

Martin, could you provide a simple testcase to reproduce the issue?

Comment 3

[Andrew Overholt [:overholt]]

I'm curious if the Necko team has thought about messaging here.

Comment 4

[Dragana Damjanovic [:dragana]]

Can you provide us a simple test case?

Comment 5

[BugBot [:suhaib / :marco/ :calixte]]

A needinfo is requested from the reporter, however, the reporter is inactive on Bugzilla. Given that the bug is still UNCONFIRMED, closing the bug as incomplete.

For more information, please visit BugBot documentation.