Anyone know what this means or if there is a list anywhere of all the error messages ?
We only get this in a webplayer build, does not happen when running in the editor.
It’s a nice thought to put such messages in Unity but not giving enough info to work out the problem makes it a bit pointless.
This means that you are somewhere setting the content-length header attribute manually in your code which for security reasons will no longer work in 4.3.
Thanks, have now found where we use that.
Is there a workaround, new way of doing this ?
Encountered the same issue.
Would be nice if “QA Guy” or his colleagues could update the Unity 4.3 release notes and the Unity docs with the as yet undocumented “security reasons” and breaking change that prevent existing code from working.
FYI: After digging around in the WWW code with reflection, I found this:
private static readonly string[] forbiddenHeaderKeys = new string[]
{
"Accept-Charset",
"Accept-Encoding",
"Access-Control-Request-Headers",
"Access-Control-Request-Method",
"Connection",
"Content-Length",
"Cookie",
"Cookie2",
"Date",
"DNT",
"Expect",
"Host",
"Keep-Alive",
"Origin",
"Referer",
"TE",
"Trailer",
"Transfer-Encoding",
"Upgrade",
"User-Agent",
"Via",
"X-Unity-Version"
};
Unity people: care to elaborate on this, and perhaps update your docs?
Cheers
Paul