160905 – Upgrade-Insecure-Request state is improperly retained between navigations

RESOLVED FIXED 160905

Upgrade-Insecure-Request state is improperly retained between navigations

https://bugs.webkit.org/show_bug.cgi?id=160905

Summary Upgrade-Insecure-Request state is improperly retained between navigations

Brent Fulgham

Reported 2016-08-16 11:44:12 PDT

If you load a website that has the Upgrade-Insecure-Request header, then navigate to a second site that does NOT have the header set, WebKit will continue to process resource loads as though the UIR header was active. While we want to perform sub-frame loads with an inherited UIR state, we do NOT want this to happen when performing a top-level navigation that replaces the content of the frame.

Attachments
Patch (10.98 KB, patch) 2016-08-16 11:56 PDT, Brent Fulgham	aestes: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Brent Fulgham

Comment 1 2016-08-16 11:46:53 PDT

<rdar://problem/27075526>

Brent Fulgham

Comment 2 2016-08-16 11:56:24 PDT

Created attachment 286189 [details] Patch

Brent Fulgham

Comment 3 2016-08-16 13:34:31 PDT

Committed r204521: <http://trac.webkit.org/changeset/204521>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware All

OS All

Product WebKit

Component WebCore Misc.

Assignee

Brent Fulgham

Reported

2016-08-16 11:44 PDT

Modified

2016-08-16 13:34 PDT History

CC List

9 users Show

URL

Keywords InRadar

Depends on

Blocks