696646 - Cache should be skipped when redirect loop is detected

Status: NEW

(Core :: Networking: Cache, defect, P3)

Description

[Rowan Collins]

If a page (A) redirects to another page (B) with status 301, this redirect response is cached. If, at a later date, a change in policy means the old redirect is removed, and B instead redirects to A, the browser will follow both the old and the new redirect, creating a loop.

Firefox will detect this loop, and display a "this page is redirecting improperly" error, but the problem may actually be resolved on the server.

Would it be possible, on detecting a redirect loop, to suspend the cache, to see if the loop has actually been resolved by the server maintainer.

In other words, current behaviour is something like this:
Load B -> Load A [from cache] -> Load B [from cache] #LOOP DETECTED
The additional step would be:
Load B [skip cache] -> Load A [skip cache] #200 SUCCESS

(I've written more on this here: http://rwec.co.uk/q/cached-redirs)

Comment 2

[Firefox Bug Husbandry Bot]

Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258

Comment 3

[Firefox Bug Husbandry Bot]

Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258

Comment 4

[Josh Triplett]

I can confirm this.

I encountered this with a single-sign-on system. A server issues a 301 redirect to the single-sign-on system, then the SSO system redirects back to the original server after authenticating...but firefox has the 301 redirect cached, so it redirects right back to the SSO system. Disabling the cache (using the checkbox on the network console) forces Firefox to actually make the second request to the server, and get back a non-redirect.

The original server really shouldn't use a 301 redirect for this, but nonetheless, Firefox ought to handle this case.

Note that Chrome works on the same site.