STR: * Visit http://people.mozilla.org/~jlebar/webkit/shentry-301/index.html * Click "go". The link's onclick handler uses pushState to change the URI to 301.html. The link's action (navigate to 301.html) is not canceled, so we navigate to 301.html. But that's a redirect to 301-target.html. Expected results: Expect to have three session history entries (three entries when you click and hold the back button): * Original page (index.html) * 301.html (result of pushState) * 301-target.html (result of navigating to 301.html and then being redirected to 301-target.html) Actual results: Only two session history entries are created: index.html and 301-target.html. Note that if we pushState to a different URI (that is, the target of the pushState is not the same as the target of the link), then we get three session history entries, as expected. See https://bugzilla.mozilla.org/show_bug.cgi?id=701365 where we determined that this is your bug, not ours. :)