Closed Bug 179400 Opened 17 years ago Closed 17 years ago

URI fragment present in HTTP Referer

Categories

(Core :: Networking: HTTP, defect, P2, major)

defect

Tracking

()

VERIFIED FIXED
mozilla1.3alpha

People

(Reporter: ville.skytta, Assigned: darin.moz)

References

()

Details

(Keywords: topembed+, Whiteboard: [http/1.1])

Attachments

(2 files)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

URI fragments are present in HTTP Referer headers sent by Mozilla 1.0.1, though
RFC 2616, section 14.36 explicitly forbids it.


Reproducible: Always

Steps to Reproduce:
Surf to http://some.where/quux#frag, click a link, watch the headers sent by
Mozilla.
Actual Results:  
You'll see the Referer header sent as:
Referer: http://some.where/quux#frag


Expected Results:  
The Referer header should be sent without the fragment:
Referer: http://some.where/quux
yup, we're not stripping the URL fragment :(
Severity: normal → major
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
OS: Linux → All
Priority: -- → P2
Hardware: PC → All
Whiteboard: [http/1.1]
Target Milestone: --- → mozilla1.3alpha
Marking topembed+
Keywords: topembedtopembed+
RFC 2616 section 14.36 uses this language: "The URI MUST NOT include a fragment."

patch in hand...
Attached patch v1 patchSplinter Review
fixes the bug and does some long overdue cleanup of SetReferrer.
Attachment #106768 - Flags: review?(bbaetz)
Attachment #106768 - Flags: review?(bbaetz) → review+
Attachment #106768 - Flags: superreview?(bzbarsky)
Comment on attachment 106768 [details] [diff] [review]
v1 patch (-u10w for your reviewing pleasure)

sr=bzbarsky, but do we perhaps want to save mReferrer _after_ we have set the
userpass and ref to empty?
Attachment #106768 - Flags: superreview?(bzbarsky) → superreview+
bz: yeah, thanks for the suggestion.  i'll make that change.
fixed-on-trunk
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
*** Bug 144094 has been marked as a duplicate of this bug. ***
verified - trunk builds 11/20/02 win NT4, mac osX, linux rh6

before fix -
Referer:
http://slip/projects/dogbert/test/web/protocols/http/wa_http_index.html#navigationcase2

after -
Referer: http://slip/projects/dogbert/test/web/protocols/http/wa_http_index.html
Status: RESOLVED → VERIFIED
QA Contact: httpqa → tever
You need to log in before you can comment on or make changes to this bug.