
Duplicate Referrer Header - HTTP.sys barfs


I have been testing the PS3 browser (NetFront) with embedded Flash components on a web page and there seems to be a rather serious bug with the way that any requests from Flash are issued. The browser is adding a referrer (referer) and so is the Flash player resulting in duplicate headers. This is actually OK if the referrer headers are the same, however they are not, and as a result the request is stopped by http.sys on W2k8. This is a major issue for me as I have a Flash component that needs to call web services in order to function.

Is there some way that we can filter or allow these requests through, possibly stripping the duplicate headers along the way?

Some solutions that we have thought of but are either suboptimal or not possible with our development and live environments are:

  • Adding a proxy in front of the servers to clean the request.
  • Fixing the request at our load balancers. This may work on our live environment but not in dev. Also using a load balancer to perform this operation is bad practice, our operations team would not be pleased :)
  • Send all data to Flash during initialisation via flashvars. Possibly doing any updates/callbacks via JavaScript. This feels messy and it would require significant custom code for one platform.
  • Prevent the browser or Flash from sending referrer headers. This would be acceptable, however there doesn't seem to be a way of enabling this in Flash or NetFront.

For reference the following request will reproduce the problem (copy and paste into Fiddler or other tool, I'm assuming you are running IIS7, W2K8 as we are). You should get a 400 Bad Request response.

GET / HTTP/1.1
Host: localhost
Referer: http://localhost/NetFrontBrowser/
Referer: http://localhost/Flash/

Many thanks


Solution

  • stmedit from the Windows DDK "demonstrates replacing a string pattern for a Transmission Control Protocol (TCP) connection using the Windows Filtering Platform (WFP)".

    A little bit of additional hackery turns it into an FSM which can dump all but the first referrer string.
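
The state machine the answer describes can be sketched in user-space C as follows. This is an added example, not the stmedit sample or the answerer's code; `ref_filter` and `ref_filter_feed` are hypothetical names, and the sketch assumes one request head per zero-initialised state and no folded header lines.

```c
#include <ctype.h>
#include <string.h>

enum rf_state { RF_LINE_START, RF_PASS, RF_DROP, RF_BODY };

/* State survives across TCP segments; zero-initialise once per request. */
typedef struct {
    enum rf_state st;
    size_t matched;  /* bytes of "referer:" matched at the start of this line */
    char held[8];    /* those bytes, withheld until the line is classified */
    int seen;        /* first Referer header already forwarded */
} ref_filter;

static const char RF_NAME[] = "referer:";
#define RF_LEN (sizeof RF_NAME - 1)

/* Copies in[0..n) to out minus duplicate Referer lines and returns the
   number of bytes written; out must have room for n + RF_LEN bytes. */
size_t ref_filter_feed(ref_filter *f, const char *in, size_t n, char *out)
{
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        char c = in[i];
        if (f->st == RF_LINE_START) {
            if (f->matched == 0 && (c == '\r' || c == '\n')) {
                if (c == '\n') f->st = RF_BODY;      /* blank line ends the headers */
            } else if (tolower((unsigned char)c) == RF_NAME[f->matched]) {
                f->held[f->matched++] = c;
                if (f->matched < RF_LEN) continue;   /* undecided, keep holding */
                if (!f->seen) { memcpy(out + o, f->held, RF_LEN); o += RF_LEN; }
                f->st = f->seen ? RF_DROP : RF_PASS; /* only the first one is kept */
                f->seen = 1;
                f->matched = 0;
                continue;
            } else {                                 /* some other header name */
                memcpy(out + o, f->held, f->matched); o += f->matched;
                f->matched = 0;
                f->st = (c == '\n') ? RF_LINE_START : RF_PASS;
            }
            out[o++] = c;
        } else if (f->st == RF_DROP) {
            if (c == '\n') f->st = RF_LINE_START;    /* duplicate line discarded */
        } else {
            out[o++] = c;                            /* RF_PASS or RF_BODY */
            if (f->st == RF_PASS && c == '\n') f->st = RF_LINE_START;
        }
    }
    return o;
}
```

A filter like this hides a malformed request from a parser that would otherwise reject it, so it is best scoped to the affected client and paired with a log entry for every dropped line.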