You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Similar to #39, mod_auth_openid seems to be prepending an HTML document to the response sent to Chrome browsers when the request is received as the second or any subsequent request on an HTTP Keep-Alive connection.
To reproduce this, I simply log into my site protected by mod_auth_openid, then refresh the page quickly a couple of times. The first refresh opens a new HTTP connection to load the page, which displays normally in the browser, then the second refresh is made via the same connection. Here’s what Apache sends the browser in response:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>200 OK</title>
</head><body>
<h1>OK</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache Server at mysite.com Port 443</address>
</body></html>
HTTP/1.1 200 OK
Date: Mon, 25 Feb 2013 05:02:41 GMT
Server: Apache
X-Powered-By: PHP/5.3.10-1ubuntu3.5
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
1feb
<!DOCTYPE html>
<html>
<head>
… the rest of the requested page …
Chrome does its best to display this as a web page, with the “OK” message at the top, followed by the HTTP headers of my actual page, followed by its contents.
This issue is 100% reproducible for me with Chrome 25 running on OS X 10.8.2. This problem does not occur with other browsers.
The text was updated successfully, but these errors were encountered:
Similar to #39, mod_auth_openid seems to be prepending an HTML document to the response sent to Chrome browsers when the request is received as the second or any subsequent request on an HTTP Keep-Alive connection.
To reproduce this, I simply log into my site protected by mod_auth_openid, then refresh the page quickly a couple of times. The first refresh opens a new HTTP connection to load the page, which displays normally in the browser, then the second refresh is made via the same connection. Here’s what Apache sends the browser in response:
Chrome does its best to display this as a web page, with the “OK” message at the top, followed by the HTTP headers of my actual page, followed by its contents.
This issue is 100% reproducible for me with Chrome 25 running on OS X 10.8.2. This problem does not occur with other browsers.
The text was updated successfully, but these errors were encountered: