Closed
Bug 337766
Opened 18 years ago
Closed 17 years ago
From a plugin, doing a post with NPN_PostURLNotify, the referer header is not sent by Firefox
Categories
(Core Graveyard :: Plug-ins, defect)
Core Graveyard
Plug-ins
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: jmott, Unassigned)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3 From inside the Flash plugin I'm doing a NPN_PostURLNotify. I'm specifying a number of headers, including referer. All the other headers make it to the server, but referer does not. Reproducible: Always Steps to Reproduce: 1. Get the Flash player 9 beta 2. Go to any site that does a POST Actual Results: Referer header is stripped out of the request Expected Results: Referer header makes it to the server. This works in Safari on Mac, but does not work in Firefox on Mac or Win.
Updated•18 years ago
|
URL: any
Component: General → Plug-ins
Product: Firefox → Core
QA Contact: general → plugins
Version: unspecified → Trunk
Comment 1•18 years ago
|
||
OK, do you have an example URL for "go to any site that does a POST"?
Whoops, that was harder than I thought. Try http://www.fontsforflash.com/ it does a couple of posts right off the bat. Also the release version of player 9 is available, no need to go back and try to dig up a beta version.
No longer an issue, we don't allow referer headers to be set any more for security reasons.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → INVALID
But why/how this works via Opera and Internet Explorer with Flash plug-in?
Comment 10•16 years ago
|
||
I dont confirm Vee's comment thats wrong I had checked HEADERS with IE6/7, FF2/3 and OPERA while my flash player fetchs FLV, there was no REFERRER header
Comment 12•14 years ago
|
||
(In reply to comment #3) > No longer an issue, we don't allow referer headers to be set any more for > security reasons. Can you explain why ? Because the security and so the responsability are the fact of the plugin used. In this case Firefox disables a plugin feature, and that's not it's role. So is this BUG being patched soon please ???
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•