I’ve just added a bit more security on to the system I’m working on and for that, I needed to check what the Content-type of the content the browser was sending (as I’m looking at checking that it’s an “application/x-amf” content type requested via Flash). Since I’m using Zend_Framework and wanted to make the check in the controller, it seemed sensible to use:
if (!($this->getRequest()->getHeader('Content-type')=='application/x-amf')) {
throw new Exception('Not a valid request');
}
which worked ok in Firefox. However, when testing in Internet Explorer, I always got “Not a valid request”… Why? Well, IE sends a “Content-Type” header instead of “Content-type”: note the different capitalisation!
It gets worse! Google Chrome (based on Apple WebKit), sends “content-type”.
Here’s the summary
| Browser | Content type field | Content length field |
|---|---|---|
| Google Chrome 2.0.172.33 | content-type | Content-Length |
| Firefox 3.0.11 | Content-type | Content-Length |
| Microsoft Internet Explorer 8.0 | Content-Type | Content-Length |
| Safari 4.0 | Content-Type | Content-Length |
Hope it helps somebody else!
2 Comments
Tough luck there Richard.
You only testing IE8? What about IE6?
You should count yourself lucky you only have four browsers to test. This is my list of supported browsers…
Windows
=======
IE6
IE7
IE8
FF2
FF3
CHROME
SAF 3
OPERA 9
Mac
===
SAF 2
SAF 3
SAF 4
FF 3
OPERA 9
Hi Tom,
We’ve got a similar matrix – but this is just “first stage” testing (IE8, FF 3, Chrome and Safari): once we’ve got the code working, we’ll then testing on the various combinations (we’ve recently decided to make our jobs a bit easier and only support Flash 10+: previously we had 4 different versions of Flash on 8 different browsers across 5 different OS’s!).
Comments are closed.