Duplicate headers received from server

This error is very common to ASP.NET developers. If you have a web application that generates some file on the fly then prompts the user to download the file, then you may encounter “duplicate headers received from server” error.

Most likely the web application will use Response.AddHeader() method to push the file to the browser for downloading, something like this:

Response.AddHeader(“Content-Disposition”, “attachment;filename=” + outputFileName );

If the variable outputFileName contains comma, then you will get the above error.  This is done to prevent HTTP response splitting attacks. So you need to make sure there is no comma in the filename field, or if you need to have comma in the filename, then put the quotation marks around the filename as follows:

Response.AddHeader(“Content-Disposition”, “attachment;filename=\”” + outputFileName +”\””);

Hope this helps.

Leave a Reply

Notify of