Closed
Bug 740801
Opened 14 years ago
Closed 1 month ago
Multiple cookies are returned by getResponseHeader separated by a carriage return
Categories
(Core :: Networking: Cookies, defect, P5)
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: mkaply, Unassigned)
Details
(Whiteboard: [necko-would-take])
According to the code here:
https://mxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/nsHttpHeaderArray.h#189
Requesting Set_Cookie headers with getResponseHeader returns the cookies separated by a carriage returns (versus ', ' for the rest of the spec).
This means that if you do:
request.setResponseHeader("Set-Cookie", request.getResponseHeader("Set-Cookie"));
it fails if there are multiple cookies.
if getResponseHeader can return values with carriage returns, setResponseHeader should be smart enough to accept values with carriage returns.
At the bare minimum, this behavior should at least be documented somewhere.
|
||
Updated•10 years ago
|
Whiteboard: [necko-would-take]
|
||
Comment 1•8 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P5
|
||
Updated•3 years ago
|
Severity: normal → S3
|
Reporter | |
Comment 2•1 month ago
|
||
Closing WONTFIX. Set-Cookie is now a forbidden response-header name per the Fetch standard, so getResponseHeader("Set-Cookie") and getAllResponseHeaders() omit it entirely from web content. The roundtrip scenario this bug describes is no longer reachable. Chrome-privileged code needing cookie data should use nsICookieService or read from the nsIHttpChannel directly rather than going through XHR header strings.
Status: NEW → RESOLVED
Closed: 1 month ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•