[Webkit-unassigned] [Bug 205390] Client side redirects are blocked on an iframe hosted page when Prevent cross-site tracking is on

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Dec 19 11:52:21 PST 2019


https://bugs.webkit.org/show_bug.cgi?id=205390

--- Comment #4 from John Wilander <wilander at apple.com> ---
(In reply to Moran R from comment #3)
> Hi
> 1) We are using the Response.Redirect method in asp.net. Which is doing a
> client side redirect when called (after the page loads).
> I cannot send the code example because it's not isolated

>From what I can read, Response.Redirect is not a client-side redirect but a server-side redirect.

Some documentation here:
https://support.microsoft.com/en-us/help/307903/how-to-use-response-redirect-in-asp-net-with-visual-c-net

And this doc (https://docs.microsoft.com/en-us/previous-versions/iis/6.0-sdk/ms524309%28v%3dvs.90%29) says:

"The Redirect method sends the following explicit header, where URL is the value passed to the method, as shown in the following code:

Copy
HTTP 1.0 302 Object Moved 
Location  
http://www.microsoft.com"

… which is clearly a server-side redirect. Are you able to provide the HTTP headers in the redirect you send us?

> 2) In our scenario it affected our iframe. When we disabled the redirect,
> our iframe was loaded, so we are not blocked by cross-site tracking
> entirely.  When we tried to redirect our iframe from html1 to html2

Are html1 and html2 just two webpages or are they references to some technology you're using?

> the redirect was blocked

To me, blocked means there is no request and thus no reponse. Are you seeing or not seeing a request on the server?

> and we got a blank empty html : 
> <html>
> <head></head>
> <body></body>
> </html>

The above snippet indicates that a document was either loaded or synthesized. Is the above HTML from a server response to the redirect?

> 3) What i meant was just to load the parent page who holds the iframe
> inside, just the see the problem.

Got it. Please see my questions above. Thanks!

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20191219/9048269d/attachment.htm>


More information about the webkit-unassigned mailing list