Buffer overflow related with Access-Control-Allow-Header size

Not reproducible Issue #14110516


Jesus O.
Oct 6, 2017
This issue is public.
Found in
  • Microsoft Edge
Found in build #
Reported by 1 person

Sign in to watch or report this issue.

Steps to reproduce

In Edge 40.15063.0.0, when a response contains an Access-Control-Allow-Header header whose size is higher than 1024 bytes, it crashes. Edge 40 doesn’t provide any kind of information about the issue, and information logged in Event Viewer related with the crash is not very useful. Seems like a buffer overflow.

Same kind of response in Edge 38 raises the issue "MLHttpRequest: Network Error 0x80070005, Access is denied.". Requests don’t work but at least browser doesn’t crash.

Jesús Oliva


0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “James M.”

    • Hello,

      Thank you for providing this information about the issue. We are unable to reproduce this problem in Edge. Please update this case when you can provide us with a sample to test. Thank you so much for your assistance with this issue.

      Best Wishes,
      The MS Edge Team

    • Microsoft Edge Team

      Changed Status to “Not reproducible”

    You need to sign in to your Microsoft account to add a comment.

    Sign in