Open
Bug 751462
Opened 12 years ago
Updated 3 years ago
intl.accept_languages pref should be validated before use
Categories
(Core :: Networking: HTTP, defect, P5)
Core
Networking: HTTP
Tracking
()
NEW
People
(Reporter: rnewman, Unassigned)
Details
(Whiteboard: [necko-backlog])
In Bug 751443, a user reported a busted browser. Turns out that intl.accept_languages included a value that resulted in this header being sent: Accept-Language: en-US,en;q=0.9,fr;q=0.8,en-ca ;q=0.6,en-gb;q=0.5,eo-EO;q=0.4,eo;q=0.3,fr-FR;q=0.1 … with newline, and possibly non-printing characters. Sync had synced this pref to his machine, resulting in borkage. We don't know how the pref got this way -- bad addon? bad user input? disk corruption? -- but removing whitespace from the string in about:config fixed things (and Sync propagated the fixed value). It seems prudent for nsHttpHandler to validate or otherwise guard against bad values here, rather than dumping the value of the pref directly onto the wire.
|
||
Updated•8 years ago
|
Whiteboard: [necko-backlog]
|
||
Comment 1•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
|
|
||
Comment 2•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
|
||
Comment 3•3 years ago
|
||
Bulk-downgrade of unassigned, untouched DOM/Storage bug's priority.
If you have reason to believe, this is wrong, please write a comment and ni :jstutte.
Severity: normal → S4
Priority: P3 → P5
You need to log in
before you can comment on or make changes to this bug.
Description
•