160905 – Upgrade-Insecure-Request state is improperly retained between navigations

Bug 160905 - Upgrade-Insecure-Request state is improperly retained between navigations

Summary: Upgrade-Insecure-Request state is improperly retained between navigations

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	WebKit Nightly Build
Hardware:	All All

Importance:	P2 Normal
Assignee:	Brent Fulgham

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2016-08-16 11:44 PDT by Brent Fulgham
Modified:	2016-08-16 13:34 PDT (History)
CC List:	9 users (show)

See Also:

Attachments
Patch (10.98 KB, patch) 2016-08-16 11:56 PDT, Brent Fulgham	aestes: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brent Fulgham 2016-08-16 11:44:12 PDT

If you load a website that has the Upgrade-Insecure-Request header, then navigate to a second site that does NOT have the header set, WebKit will continue to process resource loads as though the UIR header was active.

While we want to perform sub-frame loads with an inherited UIR state, we do NOT want this to happen when performing a top-level navigation that replaces the content of the frame.

Comment 1 Brent Fulgham 2016-08-16 11:46:53 PDT

<rdar://problem/27075526>

Comment 2 Brent Fulgham 2016-08-16 11:56:24 PDT

Created attachment 286189 [details]
Patch

Comment 3 Brent Fulgham 2016-08-16 13:34:31 PDT

Committed r204521: <http://trac.webkit.org/changeset/204521>