| Summary: | Safari does not persist the Authorization header on redirect | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | lmx <906529775> | ||||
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> | ||||
| Status: | RESOLVED DUPLICATE | ||||||
| Severity: | Normal | CC: | achristensen, ap, beidson, biafrajr, bs, mike, nanilasyukia, webkit-bug-importer, youennf | ||||
| Priority: | P2 | Keywords: | InRadar | ||||
| Version: | WebKit Nightly Build | ||||||
| Hardware: | All | ||||||
| OS: | All | ||||||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=56716 | ||||||
| Attachments: |
|
||||||
|
Description
lmx
2022-05-01 08:29:21 PDT
It seems to make sense to keep the authorization header for same origin redirections. It would be good to check where we are dropping the header (WebKit networking code or CFNetwork). See https://github.com/whatwg/fetch/issues/944 for WhatWG fetch discussion. Created attachment 459426 [details]
Example
I uploaded an example which seems to show that the Authorisation header is being preserved on same origin redirections. @lmx, on which Safari version are you? Can you try Safari Tech Preview? Can you provide a repro case (public or privately at youenn@apple.com) or look at the provided example to see what is different? @youenn fablet Hello, I uploaded the code here. https://github.com/mrlmx/safari-redirect-demo You can also test through this online demo. https://safari-redirect-demo.vercel.app Testing in Safari Tech Preview on macOS Monterey, I get the list of users with https://github.com/mrlmx/safari-redirect-demo: lmx:18 foo:17 bar:16 @lmx, which version of Safari and iOS/macOS are you testing on? @youenn fablet Neither of my two Macs works properly. This is the corresponding version. --- macOS Monterey Version 12.1 (21C52) Safari Version 15.2 (17612.3.6.1.6) --- macOS Big Sur Version 11.3(20E232) Safari Version 14.1 (16611.1.21.161.3) This is now fixed in latest Safari macOS 12.3 *** This bug has been marked as a duplicate of bug 230935 *** Thank you(In reply to youenn fablet from comment #8) > This is now fixed in latest Safari macOS 12.3 > > *** This bug has been marked as a duplicate of bug 230935 *** I’m still experiencing this issue on Safari for iOS on my IPhone SE 2020 running iOS 16.6.1. Shouldn’t this be fixed? Yes, it's supposed to have been fixed. Could you please file a new bug from scratch, with precise steps to reproduce and any additional information? |