[Webkit-unassigned] [Bug 37087] New: HTTPS site, hit button button, page is refetched, however some of the form inputs is from cache
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Apr 5 07:59:25 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=37087
Summary: HTTPS site, hit button button, page is refetched,
however some of the form inputs is from cache
Product: WebKit
Version: 420+
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: Normal
Priority: P4
Component: Forms
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: abfmwei at gmail.com
This is how the exception can be reproduced on a secure HTTPS web site,
1. Hit a secure HTTPS page - HTTP GET, hidden input __EVENTVALIDATION =
'jkdlsfjalfdsja'
2. Hit a button on the page - HTTP POST
3. Server responds with 302 redirect - HTTP GET, hidden input __EVENTVALIDATION
= 'dfjkslaiowed'
4. Hit Back button, page is refetched - HTTP GET, hidden input
__EVENTVALIDATION = 'dfjkslaiowed'
5. Hit a button on the page - HTTP POST, traffic sniffer shows
__EVENTVALIDATION = 'jkdlsfjalfdsja', while it should be __EVENTVALIDATION =
'dfjkslaiowed'
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list