Links with fragments break Referer header in request
Categories
(Core :: DOM: Security, defect, P2)
Tracking
| | Tracking | Status |
|---|---|---|
| firefox124 | --- | fixed |
People
(Reporter: scott, Assigned: maltejur)
Details
(Whiteboard: [necko-triaged][domsecurity-active])
Attachments
(1 file)
Following a link which contains a fragment causes the "Referer" header to be omitted when reloading the page.
Steps to replicate
(I've used python.org as an accessible example, not because this is an issue with python.org.)
- Open "Network" pane of developer tools
- Visit https://docs.python.org
- Select the "modules" link in the header bar
- Confirm that the resulting network request includes a "Referer" header, set to something like "https://docs.python.org/3/index.html"
- Reload the page (F5/command-R or `window.location.reload();`)
- Confirm that the network request still has the "Referer" header
- Select one of the alphabetical jump-links at the top of the page
  (These use fragments to jump to other elements on the already-loaded page)
- Reload the page
- Observe that network request no longer contains the "Referer" header
The same issue also occurs when following a link to a new page which also contains a fragment. e.g. following a link to `example.com/#foo` results in an initial request that contains `Referer`, but the header is omitted when reloading the page.
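A local harness for running the steps above against your own server instead of a public site, as an added example that is not part of the bug report: it records the `Referer` of every request and reports paths that were first requested with the header and later without it. The page names, port 8000 and the `lost_referer` helper are assumptions made for illustration.

```python
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed pages: /index links to /modules; /modules has fragment jump-links.
PAGES = {
    "/index": '<a href="/modules">modules</a>',
    "/modules": '<a href="#a">A</a> <a href="#b">B</a><h2 id="a">A</h2><h2 id="b">B</h2>',
}
LOG = []  # (path, Referer value or None), in arrival order


class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        body = PAGES.get(self.path)  # fragments never reach the server
        if body is None:
            self.send_error(404)
            return
        LOG.append((self.path, self.headers.get("Referer")))
        data = body.encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(data)))
        # Never serve from cache, so every reload reaches the server.
        self.send_header("Cache-Control", "no-store")
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args):  # silence the default stderr logging
        pass


def lost_referer(log):
    """Paths first requested with a Referer and later requested without one."""
    seen_with, lost = set(), []
    for path, referer in log:
        if referer:
            seen_with.add(path)
        elif path in seen_with and path not in lost:
            lost.append(path)
    return lost


if __name__ == "__main__":
    server = ThreadingHTTPServer(("127.0.0.1", 8000), Handler)  # assumed port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    input("Open http://127.0.0.1:8000/index, follow the steps, then press Enter\n")
    print("Referer lost on a later request for:", lost_referer(LOG))
```

On an affected build the final line lists `/modules`; on a build with the fix it prints an empty list.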
Updated•3 years ago
I think this is coming from here:
already_AddRefed<nsIReferrerInfo> ReferrerInfo::CreateForFetch(
If I'm not mistaken, we can just compare the URIs without looking at the ref, and that would be OK?
Comment 2•7 months ago
Note that `aPrincipal->EqualsURI` actually compares the URIs without Ref: Bug 1865119
Updated•7 months ago
Comment 3•7 months ago
Mh, maybe the `ReferrerInfo::CreateForFetch()` should call a comparison of `URI`s rather than `Principal`s?
At least, if it wants to include the ref....
Comment 4•6 months ago
Malte, do you think you could take a look at this one?
Comment 5 (Assignee)•6 months ago
Sure
Comment 6 (Assignee)•5 months ago
Updated•5 months ago
Pushed by mjurgens@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/1c2a0facd686
Copy referrer info to new session history entry during fragment navigation r=freddyb
Comment 8•5 months ago
bugherder
Updated•4 months ago