In our GWT code, we create a RequestBuilder and do a

   In the cases we've found so far where the Content-Type does not

  In particular, this is happening for us with users running Firefox

  Since we own the server code as well, we can work around this

   We are using the Authorization header to send a session id on all

We are seeing some strange behavior in our GWT 2.0.3 application where some of the headers that I setup in RequestBuilder are not making it to the server. I should say right off that I'm not convinced this is a GWT specific problem; it really feels like a Firefox issue instead. Of course, in development, I always had the Firebug plug-in installed and never saw this problem, but now that we are starting to deploy our app to QA and beta customers, we have started to see this. So far - we have identified 2 http headers that are getting lost. 1. Content-type In our GWT code, we create a RequestBuilder and do a setHeader("Content-Type", "application/json"). In the cases we've found so far where the Content-Type does not make it to the server, we are doing a POST with no content. Since our server is expecting a Content-Type no matter what, we are failing on this request. In particular, this is happening for us with users running Firefox 3.6.13 on Windows 7. They are downloading the latest Firefox from mozilla.org, not adding any add-ons, and then immediately running our app and getting the missing 'Content-Type' header. If they add in the Firebug add-on, the problem disappears. Remove Firebug, and the problem comes back. They are not seeing this on Windows in Chrome or IE. So far we have been able to reproduce this locally only by bringing up Firefox in safe mode - at which point we've been able to reproduce both on Windows 7 and OS/X. Any idea why this would be happening? I'm confident the header is being set in all cases, since it is getting to the server in other browsers and when firebug is installed. Is Firefox 'helping' us by removing Content-Type on empty POSTS? Or...? Since we own the server code as well, we can work around this specific issue by allowing no Content-Type with empty POSTs - but once we do so, the next missing header we ran into is causing us problems... 2. Authorization We are using the Authorization header to send a session id on all requests after login. Again, while running Firefox in safe mode, we are seeing this header get dropped from our request before we get to the server. In FF in safe mode on Windows, I am seeing it stripped from the request every time. In FF in safe mode on OS/X, it appears to happen intermittently - we get 15-20 successful requests before it disappears. Again, in other browsers, or in Firefox with Firebug installed, the header is passed as expected all the time. After entering safe mode, I added in the Live Http Headers add-on; it helps me verify the headers aren't there as well, but doesn't get me any further towards understanding where/why they are disappearing. Any ideas on what is happening to our missing http headers or the best way to troubleshoot this would be most appreciated at this point. Thanks, Jo