Closed Bug 673095 Opened 13 years ago Closed 5 years ago

Hang with too many Set-Cookie headers

Categories

(Core :: Networking: Cookies, defect, P3)

x86
Windows 7
defect

Tracking

()

RESOLVED INVALID

People

(Reporter: mssbyassg, Unassigned)

Details

(Keywords: hang, Whiteboard: [sg:dos][necko-backlog])

If someone sends a lot of cookies to the browser, it crashes. IE stays stable... <?php for($x=0;$x<100000;$x++) { setcookie('test'.$x, 'test', time()+3600); } ?>
Can you provide a crashID or a stack trace of such a crash ?
Firefox does not crash, it just hangs and does not throw any errors. Can't analyze it, but system performance goes up to 50% (dual core). Internet Explorer just rejects the TCP (HTTP) Packet if there are more than X Set-Cookies...
We have a general problem of trying to handle whatever sites send us, in this case too many headers but the same basic approach gets us into trouble if the site sends a never-ending (or at least very large) page. Is it worth adopting an upper limit? I believe we have a maximum length for a single header we accept, maybe we should give up if coalesced headers combine to an equivalent length.
Group: core-security
Component: Security → Networking: Cookies
Keywords: hang
Product: Firefox → Core
QA Contact: firefox → networking.cookies
Summary: Info: Problem with cookies → Hang with too many Set-Cookie headers
Whiteboard: [sg:dos]
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [sg:dos] → [sg:dos][necko-backlog]
Priority: -- → P1
Priority: P1 → P3

Firefox actually doesn't crash. It rejects the entire channel. This bug is invalid.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.