Closed Bug 272712 Opened 20 years ago Closed 13 years ago

redirection limit exceeded

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: darin.moz, Unassigned)

References

(
URL
)

Details

Redirection limit exceeded while searching MSN from http://www.msnbc.com/

To repro:
1) Load http://www.msnbc.com/
2) On the left use "Search MSNBC" and enter the word 'trout'.
This bug happens with a stock Firefox 1.0 build.  Investigating...
Status: NEW → ASSIGNED
Hmm... it looks like the search request results in a redirect to:

  /?id=3053419&oldUrl=http://www.msnbc.com/filenotfound.asp

(which doesn't look right).  When we try to load that page, the response is
again a redirect to that same page.  This repeats until the "redirection limit
exceeded" error is triggered.

I'll check now to see what IE does differently.
IE sends this cookie header:

Cookie: MC1=V=3&GUID=237f036950b84cf0bebe2ac1a5d4ed6f; TZM=-480;
ASP.NET_SessionId=ohmx3n45apa42045ucrncwrt

But, Mozilla does not have the ASP.NET_SessionId cookie set.  This may explain
the problem.

I think the problem is that this cookie is set on the host "msnbc.msn.com" but
the search URL is for the host "www.msnbc.msn.com"

If the cookie were a domain cookie then this would not be a problem, but since
it is a host cookie, the cookie does not apply.

I suspect that the bug would go away if http://www.msnbc.msn.com/ were loaded
instead of http://www.msnbc.com/.
> I suspect that the bug would go away if http://www.msnbc.msn.com/ were loaded
> instead of http://www.msnbc.com/.

To my surprise, this is not true.  Need to investigate further to find out why.
Ah, because the ASP.NET_SessionId cookie is set when loading a frame on the page
that seems to be hard coded to the host "msnbc.msn.com" :-(
So, this is probably an evangelism bug since the site should really be using a
domain cookie here instead.

dwitte: what do you think?
I've seen previous comments about IE mixing up host and domain cookies... (or
not having the concept host cookies at all)
What mvl said. Evangelism would be nicer (and safer) unless we test IE
thoroughly and confirm the domain behavior.
Assignee: darin → nobody
Status: ASSIGNED → NEW
QA Contact: benc → networking
this works now and according to he comments this is was TE
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.