Safari / WebKit doesn't send the HTTP_REFERER header when loading an iframe that has been injected into a parent iframe that has no src attribute. This seems to be an issue unique to Safari. Chrome, Firefox, IE, Edge, Opera and Yandex all send the HTTP_REFERER header. Steps to reproduce: 1) I set up a test case here: https://sproutvideo-examples.s3.amazonaws.com/iframe_problem.html . This page displays the request headers. Expected Results: The browser should send the HTTP_REFERER header with the request and the test case should display https://sproutvideo-examples.s3.amazonaws.com/iframe_problem.html as the HTTP_REFERER. Actual Results: The browser does not send the HTTP_REFERER header. Platform: All versions of Safari on all operating systems. Other Platforms: Every single browser (IE, Edge, Firefox, Chrome, Opera, Yandex) going back many versions and operating systems (Windows, MacOS/OSX, iOS, Android, etc) also going back several versions, behaves as expected and sends the HTTP_REFERER
<rdar://problem/31137534>
Just checking in. It's been 4 years, and this still is broken in the current version of Safari. Is there any chance someone will take a look at this?