[Webkit-unassigned] [Bug 188073] New: Same-Site cookies are not sent with same-origin redirect initiated from cross-origin navigation

Thu Jul 26 13:04:11 PDT 2018

https://bugs.webkit.org/show_bug.cgi?id=188073

            Bug ID: 188073
           Summary: Same-Site cookies are not sent with same-origin
                    redirect initiated from cross-origin navigation
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Macintosh
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: dbates at webkit.org

Let A, B be two registrable domains where A != B. Without loss of generality suppose that you load A/a1.html in the top-most frame and it redirects to B/b1.html that redirects to A/a2.html that redirects to A/a3.html. Then same-site cookies are never sent in the request to A/a3.html. But we should have sent same-site cookies in the request to A/a3.html because the request is same-site with A/a2.html, which initiated the load.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180726/96954be5/attachment.html>