Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Content-Type and Authorization Headers getting dropped from request

  • 4 replies
  • 8 have this problem
  • 13 views
  • Last reply by ReidH

jopelkey
jopelkey
more options

We are seeing some strange behavior in our GWT 2.0.3 application where some of the headers that I setup in RequestBuilder are not making it to the server. I should say right off that I'm not convinced this is a GWT specific problem; it really feels like a Firefox issue instead.

Of course, in development, I always had the Firebug plug-in installed and never saw this problem, but now that we are starting to deploy our app to QA and beta customers, we have started to see this.

So far - we have identified 2 http headers that are getting lost. 1. Content-type 

   In our GWT code, we create a RequestBuilder and do a

setHeader("Content-Type", "application/json"). 

   In the cases we've found so far where the Content-Type does not

make it to the server, we are doing a POST with no content. Since our server is expecting a Content-Type no matter what, we are failing on this request. 

  In particular, this is happening for us with users running Firefox

3.6.13 on Windows 7. They are downloading the latest Firefox from mozilla.org, not adding any add-ons, and then immediately running our app and getting the missing 'Content-Type' header. If they add in the Firebug add-on, the problem disappears. Remove Firebug, and the problem comes back. They are not seeing this on Windows in Chrome or IE. So far we have been able to reproduce this locally only by bringing up Firefox in safe mode - at which point we've been able to reproduce both on Windows 7 and OS/X.

Any idea why this would be happening? I'm confident the header is being set in all cases, since it is getting to the server in other browsers and when firebug is installed. Is Firefox 'helping' us by removing Content-Type on empty POSTS? Or...? 

  Since we own the server code as well, we can work around this

specific issue by allowing no Content-Type with empty POSTs - but once we do so, the next missing header we ran into is causing us problems...

2. Authorization 

   We are using the Authorization header to send a session id on all

requests after login. Again, while running Firefox in safe mode, we are seeing this header get dropped from our request before we get to the server. In FF in safe mode on Windows, I am seeing it stripped from the request every time. In FF in safe mode on OS/X, it appears to happen intermittently - we get 15-20 successful requests before it disappears. Again, in other browsers, or in Firefox with Firebug installed, the header is passed as expected all the time.

After entering safe mode, I added in the Live Http Headers add-on; it helps me verify the headers aren't there as well, but doesn't get me any further towards understanding where/why they are disappearing.

Any ideas on what is happening to our missing http headers or the best way to troubleshoot this would be most appreciated at this point.

Thanks, Jo

We are seeing some strange behavior in our GWT 2.0.3 application where some of the headers that I setup in RequestBuilder are not making it to the server. I should say right off that I'm not convinced this is a GWT specific problem; it really feels like a Firefox issue instead. Of course, in development, I always had the Firebug plug-in installed and never saw this problem, but now that we are starting to deploy our app to QA and beta customers, we have started to see this. So far - we have identified 2 http headers that are getting lost. 1. Content-type In our GWT code, we create a RequestBuilder and do a setHeader("Content-Type", "application/json"). In the cases we've found so far where the Content-Type does not make it to the server, we are doing a POST with no content. Since our server is expecting a Content-Type no matter what, we are failing on this request. In particular, this is happening for us with users running Firefox 3.6.13 on Windows 7. They are downloading the latest Firefox from mozilla.org, not adding any add-ons, and then immediately running our app and getting the missing 'Content-Type' header. If they add in the Firebug add-on, the problem disappears. Remove Firebug, and the problem comes back. They are not seeing this on Windows in Chrome or IE. So far we have been able to reproduce this locally only by bringing up Firefox in safe mode - at which point we've been able to reproduce both on Windows 7 and OS/X. Any idea why this would be happening? I'm confident the header is being set in all cases, since it is getting to the server in other browsers and when firebug is installed. Is Firefox 'helping' us by removing Content-Type on empty POSTS? Or...? Since we own the server code as well, we can work around this specific issue by allowing no Content-Type with empty POSTs - but once we do so, the next missing header we ran into is causing us problems... 2. Authorization We are using the Authorization header to send a session id on all requests after login. Again, while running Firefox in safe mode, we are seeing this header get dropped from our request before we get to the server. In FF in safe mode on Windows, I am seeing it stripped from the request every time. In FF in safe mode on OS/X, it appears to happen intermittently - we get 15-20 successful requests before it disappears. Again, in other browsers, or in Firefox with Firebug installed, the header is passed as expected all the time. After entering safe mode, I added in the Live Http Headers add-on; it helps me verify the headers aren't there as well, but doesn't get me any further towards understanding where/why they are disappearing. Any ideas on what is happening to our missing http headers or the best way to troubleshoot this would be most appreciated at this point. Thanks, Jo

All Replies (4)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

A good place to ask questions and advice about web development is at the mozillaZine Web Development/Standards Evangelism forum.
The helpers at that forum are more knowledgeable about web development issues.
You need to register at the mozillaZine forum site in order to post at that forum.

See http://forums.mozillazine.org/viewforum.php?f=25

rnewman@mozilla.com
rnewman@mozilla.com
more options

Hi Jo,

I'm investigating what looks like a similar problem. Have you made any further progress recently?

Please feel free to reply here or via email.

Thanks!

jopelkey
jopelkey Question owner
more options

Unfortunately, no - I haven't made much progress here. There is a little more information on things I've tried in the web development forum on mozilla in this thread - maybe some idea in there will help you?

http://forums.mozillazine.org/viewtopic.php?f=25&t=2103539

Please also let me know if you figure anything out.

Jo

ReidH
ReidH
more options

I encountered this issue too. For me, it turned out to be an issue with the mod security setting on our Apache web server. FireFox appends a "charset: UFT-8" descripter to the end of the Content-Type header. This triggered the Apache security setting which then blocked this header setting. Please see this article for further information: http://techblogbydave.blogspot.com/2008/08/firefox-3-content-type-header-conflict.html