Open
Bug 1721580
Opened 3 years ago
Updated 2 years ago
View-source on a POST result page silently resends POST data if page no longer in cache
Categories
(Toolkit :: View Source, defect, P3)
Toolkit
View Source
Tracking
()
NEW
People
(Reporter: Gijs, Unassigned)
References
Details
+++ This bug was initially created as a clone of Bug #479296 +++
(see bug 479296 comment 14 where Boris notes that view source does this.)
STEPS TO REPRODUCE:
- Load a POST result page
- Clear the cache.
- Tools > Browser Tools > Page source (or accel-U)
- Either make an HTTP log as you do this, or have access to the server, or use
a server that produces different output on every POST.
EXPECTED RESULTS: No silent repost
ACTUAL RESULTS: silent repost
For history traversal, we make sure to never do this. If the POST page is not cached, we put up a dialog asking the user whether to resend the POST data.
Is that the behavior we want here? Do we want something else (like showing the source of the live DOM, or offering the user a choice between those options)?
|
||
Updated•2 years ago
|
Severity: critical → --
|
||
Comment 1•2 years ago
|
||
I can easily reproduce on my machine.
It's possible to see the POST request in the BrowserToolbox. Just have it opened with the Network panel selected at the time when the page source is opened.
Honza
Severity: -- → S3
Has STR: --- → yes
Priority: -- → P3
You need to log in
before you can comment on or make changes to this bug.
Description
•