Closed
Bug 125749
Opened 23 years ago
Closed 23 years ago
referer does not work with secure http
Categories
(Core :: Networking: HTTP, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: hjtoi-bugzilla, Assigned: darin.moz)
References
Details
I got this in email. It refers to NS 6, but I am pretty sure it applies to Mozilla as well. I'll ask if the reporter could provide a test URL... Running under Secure-Sockets Layer (SSL), our web page attempts to read the HTTP_REFERER Server Variable (or HTTP Header), but fails to do so. There's no error, the value has simply vanished. Without SSL, the same web page does indeed read the value, as does all other versions (prior to 6) of Netscape, and all Internet Explorer versions as well.
Assignee | ||
Comment 1•23 years ago
|
||
heikki: we'd need a testcase for sure. mozilla does not send a Referer from one SSL site to another site. this allows the SSL site to encode sensitive information in URLs without fear that it will be leaked outside its domain. this means that if you click on a link from one SSL site to another SSL site, that there will be no Referer header sent. likewise if you click on a link from one SSL site to another non-SSL site. we need to know what the situation is here.
Reporter | ||
Comment 2•23 years ago
|
||
Since I haven't received any comments back, let's close this as worksforme.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•