{
	"id": "77620",
	"key": "AC-3075",
	"fields": {
		"issuetype": {
			"id": "1",
			"description": "A problem which impairs or prevents the functions of the product.",
			"name": "Bug",
			"subtask": false
		},
		"project": {
			"id": "12217",
			"key": "AC",
			"name": "Appcelerator - INBOX",
			"projectCategory": {
				"id": "10000",
				"description": "",
				"name": "Customer Service"
			}
		},
		"resolution": {
			"id": "8",
			"description": "",
			"name": "Needs more info"
		},
		"resolutiondate": "2011-07-08T09:27:41.000+0000",
		"created": "2011-07-08T07:37:17.000+0000",
		"labels": [
			"desktop",
			"headers",
			"http",
			"httpclient",
			"mac",
			"osx",
			"xhr"
		],
		"versions": [],
		"issuelinks": [],
		"assignee": {
			"name": "tguntharp",
			"key": "tguntharp",
			"displayName": "Tony Guntharp",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"updated": "2016-03-08T07:48:07.000+0000",
		"status": {
			"description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.",
			"name": "Closed",
			"id": "6",
			"statusCategory": {
				"id": 3,
				"key": "done",
				"colorName": "green",
				"name": "Done"
			}
		},
		"components": [
			{
				"id": "14548",
				"name": "Titanium SDK & CLI",
				"description": "Please enter tickets related to the MobileSDK here."
			}
		],
		"description": "First noticed this with User-Agent header because my sever-side code compares this between requests to prevent session hijacking. My client application worked fine on Windows and Linux, but on OS X it would start sending junk as User-Agent header after a random number of requests and thus cause the server to consider the session invalid. I fixed this by explicitly setting the header to a certain value which seems to have prevented Titanium Desktop from corrupting it.\r\n\r\nNow, I started using basic http authentication to protect access to the server-side code that provides access to the database. Again, it works fine on Windows and Linux, but on OS X it randomly sends junk as authorization header around 50% of the times. I'm using HttpClient.setCredentials() method to set the header.\r\n\r\nI've also reported the problem and my workarounds on Q&A:\r\n[http://developer.appcelerator.com/question/17101/cookies-are-not-set-on-titanium-desktop-os-x]\r\n[http://developer.appcelerator.com/question/122273/titanium-desktop-httpclient-corrupting-headers-on-os-x]\r\n\r\nMy XHR functions that show problematic behaviour:\r\n{code}\r\nfunction getRemote(url, type, callback, credentials) {\r\n\t\tif (typeof credentials == 'undefined')\r\n\t\t\tcredentials = {\r\n\t\t\t\tusername: httpUsername,\r\n\t\t\t\tpassword: httpPassword\r\n\t\t\t};\r\n\r\n\t\tif (typeof Titanium == 'object') {\r\n\t\t\tvar httpClient = Titanium.Network.createHTTPClient();\r\n\t\t\tif (credentials.username && credentials.password)\r\n\t\t\t\t\thttpClient.setCredentials(credentials.username, credentials.password);\r\n\t\t\thttpClient.onreadystatechange = function(status, response) {\r\n\t\t\t\tif (httpClient.readyState == httpClient.DONE) {\r\n\t\t\t\t\tif (typeof callback == 'function') {\r\n\t\t\t\t\t\tif (type == 'json')\r\n\t\t\t\t\t\t\ttry {\r\n\t\t\t\t\t\t\t\tcallback(Titanium.JSON.parse(httpClient.responseText));\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\tcatch(e) {\r\n\t\t\t\t\t\t\t\talert(url+' says: '+httpClient.responseText);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse\r\n\t\t\t\t\t\t\tcallback(httpClient.responseText);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t};\r\n\t\t\thttpClient.open('GET', url);\r\n\t\t\thttpClient.send();\r\n\t\t}\r\n};\r\n\r\n\r\nfunction postRemote(url, data, type, callback, credentials) {\r\n\t\tif (typeof credentials == 'undefined')\r\n\t\t\tcredentials = {\r\n\t\t\t\tusername: httpUsername,\r\n\t\t\t\tpassword: httpPassword\r\n\t\t\t};\r\n\r\n\t\tif (typeof Titanium == 'object') {\r\n\t\t\tvar httpClient = Titanium.Network.createHTTPClient();\r\n\t\t\tif (credentials.username && credentials.password)\r\n\t\t\t\thttpClient.setCredentials(credentials.username, credentials.password);\r\n\t\t\thttpClient.onreadystatechange = function(status, response) {\r\n\t\t\t\tif (httpClient.readyState == httpClient.DONE) {\r\n\t\t\t\t\tif (typeof callback == 'function') {\r\n\t\t\t\t\t\tif (type == 'json')\r\n\t\t\t\t\t\t\ttry {\r\n\t\t\t\t\t\t\t\tcallback(Titanium.JSON.parse(httpClient.responseText));\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\tcatch(e) {\r\n\t\t\t\t\t\t\t\talert(url+' says: '+httpClient.responseText);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse\r\n\t\t\t\t\t\t\tcallback(httpClient.responseText);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t};\r\n\t\t\thttpClient.open('POST', url);\r\n\t\t\thttpClient.send(data);\r\n\t\t}\r\n};\r\n{code}\r\n\r\nThere are no useful Titanium logs to include, but I will provide a log file from my server side application that shows the headers it has received from an OSX client.\r\n\r\nlog-2011-07-11.txt is a log from my PHP application that enforces User Agent checks. It shows how Titanium Desktop for OSX corrupts User-Agent headers.\r\n\r\nPOv0.log is a log from my NodeJS application that asks for basic http authentication. It shows how Titanium Desktop for OSX corrutps Authorization headers.",
		"attachment": [
			{
				"id": "21778",
				"filename": "log-2011-07-11.txt",
				"author": {
					"name": "namelessone",
					"key": "namelessone",
					"displayName": "Miloš Rašić",
					"active": true,
					"timeZone": "America/Los_Angeles"
				},
				"created": "2011-07-11T06:58:41.000+0000",
				"size": 1828,
				"mimeType": "text/plain"
			},
			{
				"id": "21779",
				"filename": "POv0.log",
				"author": {
					"name": "namelessone",
					"key": "namelessone",
					"displayName": "Miloš Rašić",
					"active": true,
					"timeZone": "America/Los_Angeles"
				},
				"created": "2011-07-11T06:58:41.000+0000",
				"size": 1112,
				"mimeType": "text/plain"
			}
		],
		"flagged": false,
		"summary": "HttpClient on Titanium Desktop 1.2RC for OS X randomly sends corrupt headers",
		"creator": {
			"name": "namelessone",
			"key": "namelessone",
			"displayName": "Miloš Rašić",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"subtasks": [],
		"reporter": {
			"name": "namelessone",
			"key": "namelessone",
			"displayName": "Miloš Rašić",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"environment": "Titanium Desktop 1.2.0.RC1\r\nOSX 10.5.8",
		"comment": {
			"comments": [
				{
					"id": "159007",
					"author": {
						"name": "namelessone",
						"key": "namelessone",
						"displayName": "Miloš Rašić",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"body": "Did some more tests. On one occasion, the corrupt authorization header contained a piece of the request url when decoded from base64. In all other cases the decoded header is a junk string, but I noticed that some strings are repeating quite often, like for example: ��ż˝ďż˝ż˝~ďż˝Q:",
					"updateAuthor": {
						"name": "namelessone",
						"key": "namelessone",
						"displayName": "Miloš Rašić",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"created": "2011-07-08T07:52:05.000+0000",
					"updated": "2011-07-08T07:52:05.000+0000"
				},
				{
					"id": "159018",
					"author": {
						"name": "pdowsett",
						"key": "pdowsett",
						"displayName": "Paul Dowsett",
						"active": true,
						"timeZone": "Europe/London"
					},
					"body": "At the very least, we need some code in order to reproduce this issue. However, please also check the [Jira Ticket Checklist|http://wiki.appcelerator.org/display/guides/Contributing+to+Titanium#ContributingtoTitanium-Summary%3AJiraTicketChecklist] for any other information that may be missing. Once the ticket is complete, I will reopen. Thanks",
					"updateAuthor": {
						"name": "pdowsett",
						"key": "pdowsett",
						"displayName": "Paul Dowsett",
						"active": true,
						"timeZone": "Europe/London"
					},
					"created": "2011-07-08T09:27:41.000+0000",
					"updated": "2011-07-08T09:27:41.000+0000"
				},
				{
					"id": "159165",
					"author": {
						"name": "namelessone",
						"key": "namelessone",
						"displayName": "Miloš Rašić",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"body": "I've updated the ticket. Please take a look and feel free to request more information if it is needed.",
					"updateAuthor": {
						"name": "namelessone",
						"key": "namelessone",
						"displayName": "Miloš Rašić",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"created": "2011-07-11T06:59:51.000+0000",
					"updated": "2011-07-11T06:59:51.000+0000"
				},
				{
					"id": "163141",
					"author": {
						"name": "namelessone",
						"key": "namelessone",
						"displayName": "Miloš Rašić",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"body": "I've provided all the information I had according to the Jira Ticket Checklist and more. Why is the ticket closed as incomplete?",
					"updateAuthor": {
						"name": "namelessone",
						"key": "namelessone",
						"displayName": "Miloš Rašić",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"created": "2011-08-17T03:16:34.000+0000",
					"updated": "2011-08-17T03:16:34.000+0000"
				}
			],
			"maxResults": 4,
			"total": 4,
			"startAt": 0
		}
	}
}