[Webkit-unassigned] [Bug 137745] New: When in private mode, cookies in iFramed content are not set correctly
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Oct 15 11:32:15 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=137745
Summary: When in private mode, cookies in iFramed content are
not set correctly
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh
URL: http://run.plnkr.co/my0lgusP2UEYNTbL/
OS/Version: Mac OS X 10.9
Status: NEW
Severity: Normal
Priority: P2
Component: Frames
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: natenate at looker.com
I found this in Safari 7.1 and Webkit Nightly:
Steps to repro:
1. Start or restart Webkit
2. Put Webkit into Private Browsing mode
3. Browse to http://run.plnkr.co/my0lgusP2UEYNTbL/
4. Expect the text 'Cookie value is: CSRF-Token=is_this_set%3F' to be visible
5. !! Only see 'Cookie value is: '.
Summary:
The site loads a page, which includes iframed content. The iframed content should have access to a cookie value that is returned by the server (visible in headers) but is not available via Javascript.
Some interesting other observations:
* Sometimes this seems to happen in regular browsing mode, as well as private browsing
* If you right click the iframe, and select "Open Frame in New Tab", the page will load and render the correct value. Bizarrely, if you then go back to http://run.plnkr.co/my0lgusP2UEYNTbL/ and refresh the page, the iframe will load with the correct value!
* If the host is the same in the iframe and the parent frame, the issue is not reproducible: http://safe-everglades-1254.herokuapp.com/iframed
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list