[Webkit-unassigned] [Bug 230935] Authorization header lost on 30x redirects
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Oct 4 12:32:40 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=230935
--- Comment #8 from Alex Christensen <achristensen at apple.com> ---
Comment on attachment 440087
--> https://bugs.webkit.org/attachment.cgi?id=440087
WIP Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=440087&action=review
>>> Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:501
>>> + if (auto authorization = m_firstRequest.httpHeaderField(WebCore::HTTPHeaderName::Authorization); !authorization.isNull())
>>
>> We likely only want to do this if it's not a cross-origin redirect. Line 470 could be reused to tell.
>
> That's what I did, no? That's why I am in the else case (the if case on line 494 clears the Authorization header).
Oh, you're right.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20211004/322b4503/attachment.htm>
More information about the webkit-unassigned
mailing list