-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The Content-Type
is added multiple time but it is a singleton field as per Spec
#7268
The Content-Type
is added multiple time but it is a singleton field as per Spec
#7268
Comments
Content-Type
is added multiple time but it is a singleton field as per Spec
The |
This issue is NOT closed with a proper Reason/ label. Make sure to add proper reason label before closing. Please add or leave a comment with the proper reason label now. |
Description:
As per RFC 9110:
Although Content-Type is defined as a singleton field, it is sometimes incorrectly generated multiple times, resulting in a combined field value that appears to be a list. Recipients often attempt to handle this error by using the last syntactically valid member of the list, leading to potential interoperability and security issues if different implementations have different error handling behaviors.
Steps to reproduce:
Run both services by enabling the trace logs
Make a cURL request to the passthrough service with a
Content-Type
header:$ curl -v http://localhost:9090/api/path -H "Content-Type: application/json"
In the trace logs of the backend you can see that the
Content-Type
header is added twice:According to the spec the value should be overwritten
The text was updated successfully, but these errors were encountered: