Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

henock_barakael's avatar

ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION

What means the error ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION? How can i solve it?

$headers = [
            'Content-Type'        => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
            'Content-Disposition' => 'attachment; filename='.$fileName,
        ];
0 likes
2 replies
LaryAI's avatar
LaryAI
AI
3 years ago
Level 58

The error ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION occurs when there are multiple Content-Disposition headers in the response. In the provided code, there is only one Content-Disposition header, so the error may be caused by another part of the code or server configuration.

To solve this issue, you can try removing any other Content-Disposition headers that may be present in the response. You can also try setting the header using the header() function instead of the $headers array.

Example:

header('Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
header('Content-Disposition: attachment; filename='.$fileName);
flssol's avatar

FWIW, the issue is most likely coming from $fileName.

I know i am late to the game, but check - does it contain a coma?

Your best bet it to sanitize the filename on return. Here is a small function i use to make sure the download file names are compliant:

function (string $filename, string $placeholder = '') {
            $filename = preg_replace(
                '~
                [<>:"/\\\|?*]|           # file system reserved https://en.wikipedia.org/wiki/Filename#Reserved_characters_and_words
                [\x00-\x1F]|             # control characters http://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx
                [\x7F\xA0\xAD]|          # non-printing characters DEL, NO-BREAK SPACE, SOFT HYPHEN
                [#\[\]@!$&\'()+,;=]|     # URI reserved https://www.rfc-editor.org/rfc/rfc3986#section-2.2
                [{}^\~`]                 # URL unsafe characters https://www.ietf.org/rfc/rfc1738.txt
                ~x',
                $placeholder, $filename);
            // avoids ".", ".." or ".hiddenFiles"
            $filename = ltrim($filename, '.-');
            // "file   name.zip" becomes "file-name.zip"
            $filename = preg_replace(['/ +/'], $placeholder, $filename);
            // ensure we do not exceed the length
            // maximize filename length to 255 bytes http://serverfault.com/a/9548/44086
            $ext = pathinfo($filename, PATHINFO_EXTENSION);
            // now, cut
            $filename = mb_strcut(pathinfo($filename, PATHINFO_FILENAME), 0, 255 - ($ext ? strlen($ext) + 1 : 0), mb_detect_encoding($filename)) . ($ext ? '.' . $ext : '');
            // return
            return $filename;
        };

Please or to participate in this conversation.