[Webkit-unassigned] [Bug 230935] Authorization header lost on 30x redirects
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Oct 4 12:32:02 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=230935
--- Comment #7 from Chris Dumez <cdumez at apple.com> ---
Comment on attachment 440087
--> https://bugs.webkit.org/attachment.cgi?id=440087
WIP Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=440087&action=review
>> Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:501
>> + if (auto authorization = m_firstRequest.httpHeaderField(WebCore::HTTPHeaderName::Authorization); !authorization.isNull())
>
> We likely only want to do this if it's not a cross-origin redirect. Line 470 could be reused to tell.
That's what I did, no? That's why I am in the else case (the if case on line 494 clears the Authorization header).
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20211004/fced9503/attachment-0001.htm>
More information about the webkit-unassigned
mailing list