The default bug view has changed. See this FAQ.

Corrupted Content Error on Firefox 12 and later due to an empty Location response header

RESOLVED FIXED

Status

()

Core
Networking
RESOLVED FIXED
5 years ago
5 years ago

People

(Reporter: kohei, Unassigned)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(firefox12-, firefox13-)

Details

(URL)

(Reporter)

Description

5 years ago
Beta testers are reporting that they're encountering the Corrupted Content Error on some sites, started with Firefox 12.

http://input.mozilla.com/ja/?product=firefox&version=12.0&q=Corrupted

Affected sites:
http://pex.jp/
https://my.studylink.govt.nz/siteminder-web/login.do
and maybe others

I couldn't find any existing bugs for Firefox 12, so I've filed a new one.
Both those sites contain a empty "Location: " response header.

That is specifically a security vulnerability the change was meant to close, so evangelism is in order.
Keywords: regression
(Reporter)

Updated

5 years ago
Keywords: dev-doc-needed, relnote
(Reporter)

Comment 2

5 years ago
People claim the issue is happening on Oracle's PeopleSoft applications. CCing Kev for outreach.
http://input.mozilla.com/ja/opinion/2802975
http://input.mozilla.com/ja/opinion/2802531

Another (Japanese) site from Firefox Input:
https://aqfr.net/
(Reporter)

Comment 3

5 years ago
Looks like http://pex.jp/ (in my comment 0) and https://aqfr.net/ (in my comment 2) are run by the same Japanese company. I'll try to reach out to them if needed.
(Reporter)

Updated

5 years ago
Summary: Corrupted Content Error on Firefox 12 and later → Corrupted Content Error on Firefox 12 and later due to an empty Location response header
(Reporter)

Comment 4

5 years ago
Bug 727495 was resolved dup of Bug 699502, so I'm doing the same for this.
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 699502

Updated

5 years ago
tracking-firefox12: --- → +
tracking-firefox13: --- → +
Status: RESOLVED → REOPENED
Depends on: 742174
Resolution: DUPLICATE → ---
No longer depends on: 742174
Depends on: 742174

Updated

5 years ago
tracking-firefox12: + → -
tracking-firefox13: + → -
Fixed by 742174: by popular demand we are now allowing empty Location headers again.
Status: REOPENED → RESOLVED
Last Resolved: 5 years ago5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 742174
This is now mentioned on Firefox 12 for developers.
Keywords: dev-doc-needed → dev-doc-complete
(Reporter)

Comment 7

5 years ago
(In reply to Eric Shepherd [:sheppy] from comment #6)
> This is now mentioned on Firefox 12 for developers.

Ah, I've forgot to remove the dev-doc-needed keyword. Bug 742174 has been fixed to allow empty Location response headers again. I just removed the mention. Sorry for the confusion.
status-firefox11: unaffected → ---
status-firefox12: affected → ---
status-firefox13: affected → ---
status-firefox14: affected → ---
Keywords: dev-doc-complete, relnote
Resolution: DUPLICATE → FIXED
You need to log in before you can comment on or make changes to this bug.