[tor-bugs] #21627 [Applications/Tor Browser]: HTTP 304 responses not handled correctly

[Tor Bug Tracker & Wiki]

#21627: HTTP 304 responses not handled correctly
-------------------------------------+-------------------------------------
     Reporter:  mcs                  |      Owner:  tbb-team
         Type:  defect               |     Status:  new
     Priority:  Medium               |  Milestone:
    Component:  Applications/Tor     |    Version:
  Browser                            |   Keywords:  tbb-
     Severity:  Normal               |  torbutton,TorBrowserTeam201703
Actual Points:                       |  Parent ID:
       Points:                       |   Reviewer:
      Sponsor:                       |
-------------------------------------+-------------------------------------
 This is a spinoff from #21396. While testing gk's fix for that bug, Kathy
 and I noticed messages like the following on the error console:

  15:09:57.836 NS_ERROR_NOT_AVAILABLE: Component returned failure code:
 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIHttpChannel.getResponseHeader]1
 content-policy.js:99:0

 It turns out that this is caused by responses that have an HTTP status
 code of 304 ("Not Modified"); we saw them consistently when we reloaded
 the browserleaks.com page (which makes sense, since the browser sends
 conditional GET requests in that situation). These kinds of responses do
 not have a Location header.

 We should modify the Torbutton code in src/components/content-policy.js to
 add a try/catch around the call to  `getResponseHeader()` and not log
 anything if the response's status code is 304 (we probably want to log
 something in all other cases).

 This is not urgent since it is not a new problem, but it would be good to
 fix it soon.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21627>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online