Description
When a Response does not contain a Content-Type header, Symfony falls back to the format defined in the Accept header of the request, leading to a possible mismatch between the response's content and Content-Type header. When the response is cached, this can lead to a corrupted cache where the cached format is not the right one.
Resolution
Symfony does not use the Accept header anymore to guess the Content-Type.
The patch for this issue is available here for the 4.4 branch.
Credits
I would like to thank Xavier Lacot from JoliCode for reporting & Yonel Ceruto and Tobias Schultze for fixing the issue.
xavierlacot Analyst
yceruto Analyst
Tobion Analyst
Description
When a
Responsedoes not contain aContent-Typeheader, Symfony falls back to the format defined in theAcceptheader of the request, leading to a possible mismatch between the response's content andContent-Typeheader. When the response is cached, this can lead to a corrupted cache where the cached format is not the right one.Resolution
Symfony does not use the
Acceptheader anymore to guess theContent-Type.The patch for this issue is available here for the 4.4 branch.
Credits
I would like to thank Xavier Lacot from JoliCode for reporting & Yonel Ceruto and Tobias Schultze for fixing the issue.