[Webkit-unassigned] [Bug 159606] New: Empty referer header after WebKit session state restoration trips Bad Behavior Wordpress plugin

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=159606

            Bug ID: 159606
           Summary: Empty referer header after WebKit session state
                    restoration trips Bad Behavior Wordpress plugin
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com
                CC: bugs-noreply at webkitgtk.org, cdumez at apple.com

Reproducible in Epiphany on many Wordpress blogs:

 * Visit affected blog, e.g. https://blogs.gnome.org/mcatanzaro/
 * Close browser (triggering session state save)
 * Reopen browser (triggering session restoration)

It causes Wordpress to send an HTTP 400 error message, instead of properly reloading the page. Turns out we're tripping the Bad Behavior Wordpress plugin because we send an empty Referer header; Bad Behavior blocks the page load if the header is present but empty. I'm not sure why we are sending this empty header, but we should probably be saving the Referer in the session state. Alternatively we could just not send the Referer header, but I bet that would break other sites.

This is probably not reproducible in Safari because Cocoa ports do not reload pages after session restoration.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160710/bfc2e717/attachment.html>