New STS header in Bugzilla::CGI causes malformed header error due to lack of Content-Type naming

RESOLVED FIXED in Bugzilla 4.0

Status

()

Bugzilla
Creating/Changing Bugs
--
blocker
RESOLVED FIXED
8 years ago
8 years ago

People

(Reporter: Frédéric Buclin, Assigned: reed)

Tracking

({regression})

Bugzilla 4.0
regression
Bug Flags:
approval +

Details

Attachments

(1 attachment)

(Reporter)

Description

8 years ago
I cannot display any bug. landfill displays the source code, and my local installation simply crashes with:

malformed header from script. Bad header=Text/html: show_bug.cgi

mkanat suspects this is due to the STS bug.
(Reporter)

Comment 1

8 years ago
OK, it's definitely a regression due to the STS bug. Backing out the patch fixes the problem (which I'm going to do if this bug is not fixed quickly).
Depends on: 562475
(Reporter)

Updated

8 years ago
Summary: Cannot display bugs (STS problem?) → The strict-transport-security implementation prevents bugs from being displayed
(Assignee)

Comment 2

8 years ago
From `perldoc CGI`:
       Several routines are commonly called with just one argument.  In the case of these routines you can provide the
       single argument without an argument name.  header() happens to be one of these routines.  In this case, the
       single argument is the document type.

          print $q->header('text/html');
Summary: The strict-transport-security implementation prevents bugs from being displayed → New STS header in Bugzilla::CGI causes malformed header error due to lack of Content-Type naming
(Assignee)

Comment 3

8 years ago
Created attachment 454376 [details] [diff] [review]
patch - v1

Always give the Content-Type header a name, not just in the case of cookies existing.
Assignee: create-and-change → reed
Status: NEW → ASSIGNED
Attachment #454376 - Flags: review?(LpSolit)
(Reporter)

Updated

8 years ago
Attachment #454376 - Flags: review?(LpSolit) → review+
(Reporter)

Comment 4

8 years ago
Comment on attachment 454376 [details] [diff] [review]
patch - v1

This fixes the problem. r=LpSolit
(Reporter)

Updated

8 years ago
Flags: approval+
(Assignee)

Comment 5

8 years ago
Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/trunk/
modified Bugzilla/CGI.pm
Committed revision 7254.
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.