[Webkit-unassigned] [Bug 215163] Does a cross-site requests between different eTLD+1 send the full URL as the Referer header?

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 27 06:38:11 PDT 2021


Sam Sneddon [:gsnedders] <gsnedders at apple.com> changed:

           What    |Removed                     |Added
                 CC|                            |gsnedders at apple.com

--- Comment #2 from Sam Sneddon [:gsnedders] <gsnedders at apple.com> ---
This doesn't reproduce in the above case on ToT, but purely because the default referrer-policy is now strict-origin-when-cross-origin.

glitch.me has been in the version of the PSL we've shipped for a long time (Catalina at least shipped with it there, not checked further back), so I'm not sure why ITP isn't stripping the referrer in this case. John?

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210727/fd1b6803/attachment-0001.htm>

More information about the webkit-unassigned mailing list