[Webkit-unassigned] [Bug 139683] "Allow from current website only" privacy setting strips cookies from 302 redirects
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Sep 1 15:57:56 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=139683
--- Comment #3 from Patrick Toomey <ptoomey3 at biasedcoin.com> ---
That is great news! Can you clarify one point? When I first submitted this radar I only noticed the cookie stripping on a 302 redirect during the oauth flow. But, I recently noticed that the cookie stripping seems to occur on any third-party request. For example, if I set an image source to https://some_site/authenticated_image it also doesn't send previously set cookies. Will this upcoming fix work with subresources in addition to 302 redirects?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150901/73071569/attachment.html>
More information about the webkit-unassigned
mailing list