Open Bug 479296 Opened 12 years ago Updated 9 years ago

Saving POST result page silently resends POST data if page no longer in cache

Categories

(Firefox :: File Handling, defect)

defect
Not set
critical

Tracking

()

People

(Reporter: bzbarsky, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: uiwanted)

STEPS TO REPRODUCE:

1)  Load a POST result page
2)  Clear the cache.
3)  File > Save As
4)  Save as "HTML only"
5)  Either make an HTTP log as you do this, or have access to the server, or use
    a server that produces different output on every POST.

EXPECTED RESULTS: No silent repost

ACTUAL RESULTS: silent repost

Now that bug 84106 is fixed, we'll at least _try_ to hit the cache before reposting, but if the content has expired from cache we'll happily redo the POST.  If you're saving a purchase confirmation page, you might end up repeating the purchase as a result.

For history traversal, we make sure to never do this.  If the POST page is not cached, we put up a dialog asking the user whether to resend the POST data.

Is that the behavio we want here?  Do we want something else (like just aborting the save operation)?
What happens if you Ctrl A, right-click -> View Selection Source, then in the "DOM Source of Selection" window do File -> Save Page As...?
If that doesn't repost could this be the wanted behaviour?
> What happens if

That calls ViewSourceSavePage(), which does a GET on the original page URL.  So it's completely broken for POST pages no matter what.  Want to file a bug on that?
(In reply to comment #2)
I think that's bug 469302, is it fixed on trunk and branch?
No, it is NOT bug 469302.  That bug is about the source shown.  Comment 2 is about the source saved (which is distinctly different from what's shown).  Neither has anything to do with this bug.
OS: Mac OS X → All
Hardware: x86 → All
Version: unspecified → Trunk
"Please pay me $5 via PayPal and save two copies of the confirmation page -- one for your files and one to send to me."
Blocks: 485196
Need UI spec; see end of comment 0.
Keywords: uiwanted
Some development references:

* The place where the "web browser persist" component sets the channel
   properties, to control whether an URL is loaded from the cache:

http://mxr.mozilla.org/mozilla-central/source/embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp#1194

* The place where the docshell sets the HTTP channel properties, to control
   whether an URL is loaded *only* from the cache:

http://mxr.mozilla.org/mozilla-central/source/docshell/base/nsDocShell.cpp#7532

* The docshell code that handles the case where a document was not found in
   the cache, and asks the user whether to repost:

http://mxr.mozilla.org/mozilla-central/source/docshell/base/nsWebShell.cpp#1198

* The actual repost dialog implementation:

http://mxr.mozilla.org/mozilla-central/source/docshell/base/nsDocShell.cpp#8991


The open question from comment 0 is still if, when "Save As" requires a repost,
we should:
 * Put up a dialog asking the user whether to resend the POST data
 * Abort the save
 * Something else
Noting related bug 177329.
Depends on: 486921
This should block bug 288462
You need to log in before you can comment on or make changes to this bug.