[Webkit-unassigned] [Bug 201457] New: Browser history includes the POST redirect page in the history on latest iOS versions

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Sep 4 06:29:33 PDT 2019 

https://bugs.webkit.org/show_bug.cgi?id=201457

            Bug ID: 201457
           Summary: Browser history includes the POST redirect page in the
                    history on latest iOS versions
           Product: WebKit
           Version: WebKit Local Build
          Hardware: iPhone / iPad
                OS: iOS 12
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: History
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: pablobart+bugzilla at gmail.com

The behaviour of the back history has changed on the latest iOS versions 12.4 (as well as the current 13.0 beta) compared with iOS 12.1 or previous iOS versions (tested on 12.1, 11.4 and 10.3.2) when loading a website doing a POST redirect by submitting a form. 

Example page with a POST redirect (PRG):

<html>
<body>
    <form id="sso" method="POST" action="https://httpstat.us/303">
        <input type="hidden" name="test" value="test-value" />
    </form>
    <script>
        document.getElementById('sso').submit();
    </script>
</body>
</html>


On the latest iOS versions, the website doing the POST is added to the history, therefore navigating back is showing that 'empty' page. On previous iOS versions that page was not added to the history.



I wasn't able to locate exactly the version where this behaviour changed, but here are two user agents that have different behaviour:

An user agent that is adding the website to the history:
Mozilla/5.0 (iPhone; CPU iPhone OS 12_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Mobile/15E148 Safari/604.1

User agent that is not adding the website to the history:
Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.0 Mobile/14E8301 Safari/602.1

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190904/1f9a54ac/attachment.html>

More information about the webkit-unassigned mailing list