[Webkit-unassigned] [Bug 159606] New: Empty referer header after WebKit session state restoration trips Bad Behavior Wordpress plugin
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Jul 9 18:52:42 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=159606
Bug ID: 159606
Summary: Empty referer header after WebKit session state
restoration trips Bad Behavior Wordpress plugin
Classification: Unclassified
Product: WebKit
Version: Other
Hardware: PC
OS: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at igalia.com
CC: bugs-noreply at webkitgtk.org, cdumez at apple.com
Reproducible in Epiphany on many Wordpress blogs:
* Visit affected blog, e.g. https://blogs.gnome.org/mcatanzaro/
* Close browser (triggering session state save)
* Reopen browser (triggering session restoration)
It causes Wordpress to send an HTTP 400 error message, instead of properly reloading the page. Turns out we're tripping the Bad Behavior Wordpress plugin because we send an empty Referer header; Bad Behavior blocks the page load if the header is present but empty. I'm not sure why we are sending this empty header, but we should probably be saving the Referer in the session state. Alternatively we could just not send the Referer header, but I bet that would break other sites.
This is probably not reproducible in Safari because Cocoa ports do not reload pages after session restoration.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160710/bfc2e717/attachment.html>
More information about the webkit-unassigned
mailing list