968332 - HTTP 302 Redirects not working with SPDY and push enabled if Basic Auth was triggered

Status: RESOLVED INACTIVE

(Core :: Networking: HTTP, defect, P3)

Description

[Jörn Berkefeld]

I have a website that triggers a 401 via PHP and then redirects to the same php-file but with some GET-variables attached to it via php's header()-function. The php-file in question gets a few files pushed via X-Associated-Content.

Test-Links & my results

https://nlv.bittubes.com/temp/mozilla/noauth_push/	network requests: / ->302, /?api=test ->200
https://nlv.bittubes.com/temp/mozilla/noauth_nopush/	network requests: / ->302, /?api=test ->200
https://nlv.bittubes.com/temp/mozilla/auth_nopush/	network requests: / ->401, / ->302, /?api=test ->200
https://nlv.bittubes.com/temp/mozilla/auth_push/ 	network requests: / ->401, / ->302, /?api=test ->nothing

in the auth_push-case my apache logs this:
[Wed Feb 05 19:37:35 2014] [warn] [client 37.5.13.142] [mod_spdy/0.9.4.1-397] [30509:30509:WARNING:spdy_session.cc(484)] Client sent RST_STREAM with INVALID_STREAM for stream 36.  Aborting stream.


I tested this in FF 26&27 and in  Aurora 28.0a2

In Aurora the failed test-case looks different but the result is the same:
/ ->401, / ->nothing
means that the 302 is not showing up and thus the /?api=test is never requested

Comment 1

[Jörn Berkefeld]

forgot: if asked for credentials you may enter anything, it's even ok to leave the password empty.

Comment 2

[Firefox Bug Husbandry Bot]

Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258

Comment 3

[Firefox Bug Husbandry Bot]

Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258

Comment 4

[Valentin Gosu [:valentin] (he/him)]

Fixed by disabling HTTP/2 push in bug 1915848.