Closed
Bug 846314
Opened 7 years ago
Closed 6 years ago
Playstation Store is sending multiple Access-Control-Allow-Origin headers
Categories
(Tech Evangelism Graveyard :: English US, defect)
Not set
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: jdm, Assigned: jdm)
References
Details
[jdm@rosencrantz build]$ curl https://store.sonyentertainmentnetwork.com/ -i HTTP/1.1 200 OK Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: GET Access-Control-Allow-Origin: https://store.sonyentertainmentnetwork.com/ Access-Control-Allow-Origin: http://store.sonyentertainmentnetwork.com/ Content-Type: text/html; charset=UTF-8 ETag: "28028b-221d1-4d58a5e970000" Last-Modified: Tue, 12 Feb 2013 17:29:36 GMT Server: Apache X-Cache-Lookup: HIT from ip-10.241.2.250:80 X-Frame-Options: SAMEORIGIN Expires: Thu, 28 Feb 2013 14:49:54 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 28 Feb 2013 14:49:54 GMT Transfer-Encoding: chunked Connection: keep-alive Connection: Transfer-Encoding
Assignee | ||
Comment 1•7 years ago
|
||
As described in bug 845273, this is correctly classified as invalid by Firefox, so the server output should be modified.
Assignee | ||
Comment 2•7 years ago
|
||
Contacted via twitter, since there does not appear to be an email contact method listed on the main Sony Entertainment Network website.
Contacted via Facebook, got a response from Playstation AU, so hopefully it's made it to the relevant people!
Page has been updated, no longer sending multiple access-control-allow-origin Accept-Ranges: bytes Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: GET access-control-allow-origin: https://store.sonyentertainmentnetwork.com/, http://store.sonyentertainmentnetwork.com/ Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 Etag: "700327-236cd-4d6e7508c3d00" Last-Modified: Sat, 02 Mar 2013 01:48:04 GMT Server: Apache Vary: Accept-Encoding X-Cache-Lookup: HIT from ip-10.241.2.250:80 X-Frame-Options: SAMEORIGIN Content-Length: 23410 Expires: Mon, 25 Mar 2013 22:08:42 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 25 Mar 2013 22:08:42 GMT Connection: keep-alive 200 OK This doesn't seem to be entirely correct (having two urls delimited by a comma), but it's not sending two headers
Assignee | ||
Updated•6 years ago
|
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WORKSFORME
Updated•5 years ago
|
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•