[Webkit-unassigned] [Bug 206957] New: iFrames no longer respect referrerpolicy attribute value in ITP

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=206957

            Bug ID: 206957
           Summary: iFrames no longer respect referrerpolicy attribute
                    value in ITP
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: Unspecified
               URL: https://jackwellborn.com/playground/iFrameReferrerTest
                    /top.html?foo=bar
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Frames
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: w0nka at mac.com

Hello,

The link provided shows several iframes that have a referrerpolicy="same-origin". The expected behavior shown in current Safari, Firefox, and Chrome is that both the friendly and sandboxed same-origin iframes get the full referrer while the cross-origin iframes get nothing. In Safari Technology Preview Release 99, the sandboxed iframe is also getting nothing. In the very least I would like to know whether this is a bug or if downgrading document.referrer to eTLD+1 even when the owner explicitly opts to share more information is an intended part of ITP 2.3 https://webkit.org/blog/9521/intelligent-tracking-prevention-2-3/. 

Thanks.

~Jack

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200129/bdfa4ea2/attachment.htm>