Buffer overflow related with Access-Control-Allow-Header size
Not reproducible Issue #14110516
Steps to reproduce
In Edge 40.15063.0.0, when a response contains an Access-Control-Allow-Header header whose size is higher than 1024 bytes, it crashes. Edge 40 doesn’t provide any kind of information about the issue, and information logged in Event Viewer related with the crash is not very useful. Seems like a buffer overflow.
Same kind of response in Edge 38 raises the issue "MLHttpRequest: Network Error 0x80070005, Access is denied.". Requests don’t work but at least browser doesn’t crash.
Thanks,
Jesús Oliva
You need to sign in to your Microsoft account to add a comment.
Sign in