Open Bug 1610450 Opened 5 years ago Updated 3 years ago

Referrer Policy and about:blank/javascript: URL inheritance is broken

Tracking

()

Status:

NEW

People

(Reporter: annevk, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: csectype-disclosure, sec-low, Whiteboard: [domsecurity-backlog1])

Anne (:annevk)

Reporter

Description

•

5 years ago

See the tests I added in https://github.com/web-platform-tests/wpt/pull/21232. We ought to copy the referrer policy from the document the script executes in, but instead we drop the policy altogether going back to the default.

Christoph Kerschbaumer [:ckerschb]

Updated

•

5 years ago

Blocks: 1409600

Priority: -- → P3

Whiteboard: [domsecurity-backlog1]

Daniel Veditz [:dveditz]

Updated

•

5 years ago

Keywords: csectype-disclosure, sec-low

Christoph Kerschbaumer [:ckerschb]

Updated

•

4 years ago

Severity: normal → S3

Anne (:annevk)

Reporter

Updated

•

4 years ago

Blocks: 1423974

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Referrer Policy and about:blank/javascript: URL inheritance is broken

Categories

(Core :: DOM: Security, defect, P3)

Tracking

()

People

(Reporter: annevk, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: csectype-disclosure, sec-low, Whiteboard: [domsecurity-backlog1])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated