[Webkit-unassigned] [Bug 160905] New: Upgrade-Insecure-Request state is improperly retained between navigations

Tue Aug 16 11:44:12 PDT 2016

https://bugs.webkit.org/show_bug.cgi?id=160905

            Bug ID: 160905
           Summary: Upgrade-Insecure-Request state is improperly retained
                    between navigations
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: bfulgham at webkit.org

If you load a website that has the Upgrade-Insecure-Request header, then navigate to a second site that does NOT have the header set, WebKit will continue to process resource loads as though the UIR header was active.

While we want to perform sub-frame loads with an inherited UIR state, we do NOT want this to happen when performing a top-level navigation that replaces the content of the frame.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160816/ee3eade2/attachment-0001.html>