[Webkit-unassigned] [Bug 230935] Authorization header lost on 30x redirects
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Oct 1 15:43:07 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=230935
Chris Dumez <cdumez at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |youennf at gmail.com
--- Comment #3 from Chris Dumez <cdumez at apple.com> ---
https://fetch.spec.whatwg.org/#concept-http-redirect-fetch says to use the same request as the original one except for the URL in this case.
NetworkResourceLoader::willSendRedirectedRequest() gets called with a redirectRequest which already doesn't include the Authorization header so I guess it is not WebKit that's dropping it but likely CFNetwork under us?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20211001/0b29e120/attachment-0001.htm>
More information about the webkit-unassigned
mailing list