Bug 217758 - referrerpolicy is not honored
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: DOM
Version: Other
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-10-15 09:16 PDT by maudn@chromium.org
Modified: 2020-10-22 09:17 PDT
Description maudn@chromium.org 2020-10-15 09:16:20 PDT
It looks like element-level referrer-policies set via the HTML attribute `referrerpolicy` aren't honored.
This can be tested on this [test site](https://site-one-dot-referrer-demo-280711.ey.r.appspot.com/stuff/detail?tag=red&p=p2).

It looks like the problem has been fixed in Safari 14 (Desktop), but I can still reproduce in Safari 12 on an older iPhone. 

More details [here](https://lists.webkit.org/pipermail/webkit-dev/2020-September/031404.html).
Comment 1 Alexey Proskuryakov 2020-10-15 17:09:09 PDT
If this only reproduces on a 2-year-old release, then I don't see how this is a bug to track here. Can you reproduce on iOS 14?

That said, there were other bug reports about referrerpolicy interaction with other features like ITP, including bug 206957 and bug 215356, so maybe this is related?

Could you please attach a self-contained test that doesn't require the app spot URL to remain live?
Comment 2 maudn@chromium.org 2020-10-20 03:16:00 PDT
Thanks Alexey! An update:

On Mac Safari 14.0 with ITP on: (tested on my machine)
----------
Element-level `referrerpolicy` values are honored, even `no-referrer-when-downgrade`, on *all* types of elements: iframes, a (navigations), images and scripts.

On iOS 14: (tested on BrowserStack)
----------
Two observations:
• Element-level `referrerpolicy` values are honored, except `no-referrer-when-downgrade`, meaning that in these cases the Referer header is only the origin, which in my understanding may be due to ITP. *But* one other interesting behaviour:
When `referrerpolicy` is `no-referrer-when-downgrade` on an `a` element:
`document.referrer` is only the origin, but the `Referer` header is the full URL, i.e. honors the policy.
• This also means that the behaviour is different than on Mac. Why could this be? I'm testing on BrowserStack, so it could be some special settings.


On Mac Safari 13 and iOS 13:
----------
Element-level `referrerpolicy` values are not honored, even when they're *stricter* than the document's policy.


Re: Self-contained test that doesn't require for the app spot URL to remain live. Will post a link here, let me update the code. In the meantime, the appspot URL will remain live!
Comment 3 maudn@chromium.org 2020-10-20 03:23:57 PDT
Note: I see [here](https://github.com/privacycg/proposals/issues/13#issuecomment-707242581) that the document.referrer vs Referer header behaviour difference is to be expected.
Comment 4 Radar WebKit Bug Importer 2020-10-22 09:17:15 PDT
<rdar://problem/70576228>
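
Added example, not part of the bug report or of WebKit: a small oracle for the check discussed in comments 1 and 2. It computes the `Referer` value an element-level `referrerpolicy` allows and classifies an observed header as honored, stricter than the policy, or leaking more than the policy allows. The URLs, the helper names (`strip`, `expectedReferer`, `classify`) and the sample observations are constructed, and "downgrade" is simplified to HTTPS to non-HTTPS.

```javascript
// Added example. URLs are constructed; the helper names are hypothetical.
const FROM = 'https://site-one.example/stuff/detail?tag=red&p=p2';
const TO = 'https://site-two.example/pixel.png';

// Referrer Policy "strip url": drop credentials and fragment, or keep only the origin.
function strip(u, originOnly) {
  const url = new URL(u);
  if (originOnly) return url.origin + '/';
  url.username = ''; url.password = ''; url.hash = '';
  return url.href;
}

// Referer value the policy allows for a request from `from` to `to`.
// Assumption: "downgrade" is simplified to https -> non-https.
function expectedReferer(policy, from, to) {
  const f = new URL(from), t = new URL(to);
  const same = f.origin === t.origin;
  const down = f.protocol === 'https:' && t.protocol !== 'https:';
  const full = strip(from, false), origin = strip(from, true);
  switch (policy) {
    case 'no-referrer': return '';
    case 'unsafe-url': return full;
    case 'origin': return origin;
    case 'same-origin': return same ? full : '';
    case 'strict-origin': return down ? '' : origin;
    case 'no-referrer-when-downgrade': return down ? '' : full;
    case 'origin-when-cross-origin': return same ? full : origin;
    case 'strict-origin-when-cross-origin': return same ? full : down ? '' : origin;
    default: throw new Error('unknown referrerpolicy: ' + policy);
  }
}

// 'honored' = exact match; 'stricter' = less than the policy allows (e.g. trimmed
// to the origin); 'leaks-more' = more than the policy allows (policy ignored).
function classify(policy, from, to, observed) {
  const want = expectedReferer(policy, from, to);
  if (observed === want) return 'honored';
  const full = strip(from, false), origin = strip(from, true);
  const rank = v => (v === '' ? 0 : v === origin ? 1 : v === full ? 2 : 3);
  return rank(observed) < rank(want) ? 'stricter' : 'leaks-more';
}

// Constructed observations shaped like the results reported in comment 2.
const observed = [
  ['no-referrer-when-downgrade', 'https://site-one.example/'], // origin only
  ['origin', 'https://site-one.example/'],
  ['no-referrer', FROM], // element policy ignored
];
for (const [policy, referer] of observed)
  console.log(policy, '->', classify(policy, FROM, TO, referer));
```

Feed it the `Referer` values logged by the receiving server for each element type; `document.referrer` should be compared separately, since comment 3 notes it can legitimately differ from the header.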