[Webkit-unassigned] [Bug 259926] New: Webkit sends corrupted referrer header for service worker script request

Tue Aug 8 03:47:37 PDT 2023

https://bugs.webkit.org/show_bug.cgi?id=259926

            Bug ID: 259926
           Summary: Webkit sends corrupted referrer header for service
                    worker script request
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Service Workers
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: palani at canva.com

Created attachment 467220

  --> https://bugs.webkit.org/attachment.cgi?id=467220&action=review

screenshot of access logs

After deploying service worker in the production for large volume of users, we noticed safari sending corrupted referrer header for service worker script requests.
The corrupted request header is just 6 characters 'https:'.
We use cloudflare and in the cloudflare logs we can see the referrer as 'https:' for some of the service worker script requests.

We are not able to reproduce the issue and but its happening in production for a small percent of users (0.5%).
Its happening for all safari versions (14, 15, 16).

This is happening only for the service worker script requests. (The url which we provide in the service worker registration).
All other subsequent requests (importScript()) and all other fetch() calls from service worker were unaffected by this issue.

The corrupted request header is always just 6 characters 'https:', Nothing else.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230808/b922a536/attachment.htm>