Open Bug 1368664 Opened 5 years ago Updated 3 months ago

Use Vary header when matching HTTP/2 pushed items

Categories

(Core :: Networking: HTTP, defect, P3)

defect

Tracking

()

People

(Reporter: jaffathecake, Unassigned)

Details

(Keywords: reproducible, testcase, Whiteboard: [necko-triaged])

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Steps to reproduce:

I built a little test suite thing for this: https://github.com/jakearchibald/http2-push-test/

The test is served at /vary-cookie/, which pushes a request that has "Cookie: val=a", and the pushed response has "Vary: Cookie".

1. Press the "Set cookie b" button, this sets val=b
2. Press "Fetch with credentials" & observe the console


Actual results:

4 random numbers are logged. This is the pushed resource.


Expected results:

"NOT FROM PUSH" - because the pushed resource should not have matched.
Component: Untriaged → Networking: HTTP
Product: Firefox → Core
Assignee: nobody → mcmanus
Whiteboard: [necko-active]
It'd be interesting to see if the cache did this for a non-push request; my WPT tests didn't cover cases where the cookie was changed. Will give it a go ~tomorrow (currently in the air).
Bulk priority update: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Priority: P1 → P2
Whiteboard: [necko-active]
Whiteboard: [necko-triaged]
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true

Unassigning bugs owned by Patrick.

Assignee: mcmanus → nobody
Status: ASSIGNED → NEW
Priority: P2 → P3
You need to log in before you can comment on or make changes to this bug.