[Webkit-unassigned] [Bug 217758] referrerpolicy is not honored

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Oct 20 03:16:00 PDT 2020


https://bugs.webkit.org/show_bug.cgi?id=217758

maudn at chromium.org <maudn at chromium.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|Safari 12                   |Other

--- Comment #2 from maudn at chromium.org <maudn at chromium.org> ---
Thanks Alexey! An update:

On mac Safari 14.0 with ITP on: (tested on my machine)
----------
Element-level `referrerpolicy` are honored, even `no-referrer-when-downgrade`, on *all* types of elements: iframes, a (navigations), images and scripts.

On iOS 14: (tested on BrowserStack)
----------
Two observations:
• Element-level `referrerpolicy` are honored, except `no-referrer-when-downgrade` - Meaning, in these cases, the Referer header is only the origin. Which in my understanding may be due to ITP. *But* one other interesting behaviour:
When `referrerpolicy` is `no-referrer-when-downgrade` on an `a` element:
`document.referrer` is only the origin, but the `Referer` header is the full URL i.e. honors the policy.
• This also means that the behaviour is different than on mac, why could this be? I'm testing on BrowserStack, so it could be some special settings.


On mac Safari 13 and iOS 13:
----------
Element-level `referrerpolicy` are not honored, even when they're *stricter* than the document's policy.


Re: Self-contained test that doesn't require for the app spot URL to remain live. Will post a link here, let me update the code. In the meantime, the appspot URL will remain live!

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20201020/1ef2420b/attachment.htm>


More information about the webkit-unassigned mailing list