Closed Bug 1945596 Opened 29 days ago Closed 27 days ago

Firefox should be still sending headers even if there are missing ones

Categories

(Core :: Networking: HTTP, defect, P2)

Product:
Core
Component:
Networking: HTTP
Platform:
Desktop
macOS
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
137 Branch
Tracking Flags:
Tracking Status
firefox-esr128 --- fixed
firefox136 --- fixed
firefox137 --- fixed

People

(Reporter: sekim, Assigned: sekim)

References

(Blocks 2 open bugs)

Details

(Keywords: webcompat:platform-bug, Whiteboard: [necko-triaged][necko-priority-queue])

Attachments

(3 files)

Bug 1945596 - Firefox should be still send headers even if there are missing ones r=mkaply
48 bytes, text/x-phabricator-request
Details | Review
Bug 1945596 - Firefox should be still sending headers even if there are missing ones
48 bytes, text/x-phabricator-request
phab-bot
: approval-mozilla-beta+
Details | Review
Bug 1945596 - Firefox should be still sending headers even if there are missing ones
48 bytes, text/x-phabricator-request
phab-bot
: approval-mozilla-esr128+
Details | Review

We should avoid returning from the delegate even if there are missing headers

As discussed with Microsoft earlier, the correct approach for handling cookie headers is for the browser to include in its requests and allow the server to deal with them. Previously, we just returned from the delegate if we have missing headers. We should simply let the server deal with it instead of handling it ourselves.

Assignee: nobody → sekim
Severity: -- → S3
Priority: -- → P2
Whiteboard: [necko-triaged][necko-priority-queue]
Blocks: microsoft-sso
OS: Unspecified → macOS
Hardware: Unspecified → Desktop
Summary: Firefox should be still send headers even if there are missing ones → Firefox should be still sending headers even if there are missing ones
Attachment #9463533 - Attachment description: Bug 1945596 - Firefox should be still send headers even if there are missing ones r=mkaply → Bug 1945596 - Firefox should be still sending headers even if there are missing ones r=mkaply
Attachment #9463533 - Attachment description: Bug 1945596 - Firefox should be still sending headers even if there are missing ones r=mkaply → Bug 1945596 - Firefox should be still send headers even if there are missing ones r=mkaply
Duplicate of this bug: 1934809
Pushed by sekim@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/d5df64ac441f Firefox should be still send headers even if there are missing ones r=mkaply,necko-reviewers,jesup
Depends on: 1944119
Attachment #9463761 - Flags: approval-mozilla-beta?

beta Uplift Approval Request

  • User impact if declined: When Microsoft's broker sends a cookie without device header, the SSO would not complete (on macOS).
  • Code covered by automated testing: no
  • Fix verified in Nightly: yes
  • Needs manual QE test: no
  • Steps to reproduce for manual QE testing: N/A
  • Risk associated with taking this patch: Minimal
  • Explanation of risk level: We are simply appending the headers instead of quickly returning (when there is less than two headers attached. Tested via a local signed Nightly build.
  • String changes made/needed: N/A
  • Is Android affected?: no
Blocks: 1934809
No longer duplicate of this bug: 1934809

https://hg.mozilla.org/mozilla-central/rev/d5df64ac441f

Status: NEW → RESOLVED
Closed: 27 days ago
status-firefox137: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 137 Branch
Attachment #9463761 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

We'll need to uplift to ESR as well for parity.

(In reply to Mike Kaply [:mkaply] from comment #8)

We'll need to uplift to ESR as well for parity.

Adding an NI for Sean re: Comment 8.
Note, the depends on the Bug 1944119 is only in Fx136+

Flags: needinfo?(sekim)

(In reply to Donal Meehan [:dmeehan] from comment #9)

(In reply to Mike Kaply [:mkaply] from comment #8)

We'll need to uplift to ESR as well for parity.

Adding an NI for Sean re: Comment 8.
Note, the depends on the Bug 1944119 is only in Fx136+

Considering that Bug 1944119 is a low risk refactor, we can probably uplift both.

Attachment #9464428 - Flags: approval-mozilla-esr128?
Flags: needinfo?(sekim)

esr128 Uplift Approval Request

  • User impact if declined: When Microsoft's broker sends a cookie without device header, the SSO would not complete (on macOS).
  • Code covered by automated testing: no
  • Fix verified in Nightly: yes
  • Needs manual QE test: no
  • Steps to reproduce for manual QE testing: N/A
  • Risk associated with taking this patch: Low
  • Explanation of risk level: We are simply appending the headers instead of quickly returning (when there is less than two headers attached. Tested via a local signed Nightly build.
  • String changes made/needed: N/A
  • Is Android affected?: no
Attachment #9464428 - Flags: approval-mozilla-esr128? → approval-mozilla-esr128+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: