Buffer overflow related with Access-Control-Allow-Header size

Not reproducible Issue #14110516

Open new issue

Browse all tracked issues

Details

Author
Jesus O.
Created
Oct 6, 2017
Privacy
This issue is public.
Found in
  • Microsoft Edge
Found in build #
40.15063
Reports
Reported by 1 person

Sign in to watch or report this issue.

Steps to reproduce

In Edge 40.15063.0.0, when a response contains an Access-Control-Allow-Header header whose size is higher than 1024 bytes, it crashes. Edge 40 doesn’t provide any kind of information about the issue, and information logged in Event Viewer related with the crash is not very useful. Seems like a buffer overflow.

Same kind of response in Edge 38 raises the issue "MLHttpRequest: Network Error 0x80070005, Access is denied.". Requests don’t work but at least browser doesn’t crash.

Thanks,
Jesús Oliva

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      James M. Oct 16, 2017 2017-10-16T20:02:14.11Z

      Changed Assigned To to “James M.”

    • James M. Oct 16, 2017 2017-10-16T20:02:36.28Z Microsoft Edge Team

      Hello,

      Thank you for providing this information about the issue. We are unable to reproduce this problem in Edge. Please update this case when you can provide us with a sample to test. Thank you so much for your assistance with this issue.

      Best Wishes,
      The MS Edge Team

    • Microsoft Edge Team

      James M. Oct 27, 2017 2017-10-27T23:31:55.16Z

      Changed Status to “Not reproducible”

    You need to sign in to your Microsoft account to add a comment.

    Sign in