[Webkit-unassigned] [Bug 185732] New: Assets requested on behalf of another asset have the wrong Referer header
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu May 17 09:09:13 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=185732
Bug ID: 185732
Summary: Assets requested on behalf of another asset have the
wrong Referer header
Product: WebKit
Version: Safari 11
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Layout and Rendering
Assignee: webkit-unassigned at lists.webkit.org
Reporter: bernardo.araujo at shopify.com
CC: bfulgham at webkit.org, simon.fraser at apple.com,
zalan at apple.com
How to reproduce:
Scenario, request a page that have a CSS asset hosted by a CDN, this asset contain a few `font-face` declarations.
When requesting those fonts I would expect the `Referer` header to have the CDN domain in it, not my original webpage.
Example:
1. Page `example-a.com`
2. CDN `my-cdn.com` which hosts `myasset.css`
3. When `myasset.css` triggers a font request I would expect the `Referer` header to contain `my-cdn.com` instead of `example-a.com`
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180517/ff31fd46/attachment.html>
More information about the webkit-unassigned
mailing list