Logged in to my business account today from
This usually indicates a web site that should be using SSL but isn't. My billing details were displayed. Knowing that the site was therefore not secure I hit sign out.
This produced the following
- "Duplicate headers received from server
- The response from the server contained duplicate headers. This problem is generally the result of a misconfigured website or proxy. Only the website or proxy administrator can fix this issue.
- Error 350 (net::ERR_RESPONSE_HEADERS_MULTIPLE_LOCATION): Multiple Location headers received. This is disallowed to protect against HTTP response splitting attacks."
Now this sounds like a problem for BT.com's website team. I tried for two hours to report this problem. In the process being passed from one team to another. I was repeatably assured that the website was safe to use but if I felt it wasn't I could use the telephone or email to access my account.
For me this has rasied 3 issues
- I couldn't get through to anyone who understood the problem.
- I couldn't get to find who to talk to re the problem.
- The agents who assured me that the site was safe to use need some further training before continuing with their day job.
Has anybody else noticed the issue?
