37087 – HTTPS site, hit button button, page is refetched, however some of the form inputs is from cache

RESOLVED DUPLICATE of bug 26241 37087

HTTPS site, hit button button, page is refetched, however some of the form inputs is from cache

https://bugs.webkit.org/show_bug.cgi?id=37087

Summary HTTPS site, hit button button, page is refetched, however some of the form in...

abfmwei

Reported 2010-04-05 07:59:26 PDT

This is how the exception can be reproduced on a secure HTTPS web site, 1. Hit a secure HTTPS page - HTTP GET, hidden input __EVENTVALIDATION = 'jkdlsfjalfdsja' 2. Hit a button on the page - HTTP POST 3. Server responds with 302 redirect - HTTP GET, hidden input __EVENTVALIDATION = 'dfjkslaiowed' 4. Hit Back button, page is refetched - HTTP GET, hidden input __EVENTVALIDATION = 'dfjkslaiowed' 5. Hit a button on the page - HTTP POST, traffic sniffer shows __EVENTVALIDATION = 'jkdlsfjalfdsja', while it should be __EVENTVALIDATION = 'dfjkslaiowed'

Attachments
Add attachment proposed patch, testcase, etc.

Kent Tamura

Comment 1 2010-04-05 15:25:21 PDT

This issue was fixed very recently. *** This bug has been marked as a duplicate of bug 26241 ***

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution DUPLICATE

of bug 26241

Priority P4

Severity Normal

Classification Unclassified

Version 420+

Hardware All

OS All

Product WebKit

Component Forms

Assignee

Nobody

Reported

2010-04-05 07:59 PDT

Modified

2010-04-05 15:25 PDT History

CC List

2 users Show

URL

Keywords

Depends on

Blocks