Bug 81215
| Summary: | Infinite browser loop via Refresh headers | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Niels Heinen <niels.heinen> |
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> |
| Status: | UNCONFIRMED | ||
| Severity: | Normal | CC: | ap |
| Priority: | P2 | ||
| Version: | 420+ | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Niels Heinen
Refresh headers allow browser redirection but unlike 3xx redirects, there is no limit.
This can cause infinite loops when two servers give responses where the Redirect headers point to each other.
HTTP/1.0 200 OK
Refresh: 0; url=http://server2
HTTP/1.0 200 OK
Refresh: 0; url=http://server1
The loops suck CPU and some screen flickering so --> not the most user-friendly ;-)
Perhaps it can be considered enforce a maximum Refresh limit in order to counter these loops?
Niels
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |