[Webkit-unassigned] [Bug 215163] Does a cross-site requests between different eTLD+1 send the full URL as the Referer header?
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 27 06:38:11 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=215163
Sam Sneddon [:gsnedders] <gsnedders at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |gsnedders at apple.com
--- Comment #2 from Sam Sneddon [:gsnedders] <gsnedders at apple.com> ---
This doesn't reproduce in the above case on ToT, but purely because the default referrer-policy is now strict-origin-when-cross-origin.
glitch.me has been in the version of the PSL we've shipped for a long time (Catalina at least shipped with it there, not checked further back), so I'm not sure why ITP isn't stripping the referrer in this case. John?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210727/fd1b6803/attachment-0001.htm>
More information about the webkit-unassigned
mailing list