PATCH: 2 small KHTML patches...
Dirk Mueller
mueller at kde.org
Wed Jan 14 20:41:04 GMT 2004
On Wednesday 14 January 2004 03:44, Dawit A. wrote:
> Then I do not understand why this is a security/privacy issue then ? I mean
> if the server did the redirecting using 302, we simply send the referrer
> anyways, so I fail to see why doing it from KHTML on meta
> redirection/refresh would be a problem.
it is not a problem on meta redirection. the problem is that the new site, the
server we were redirected to with a 302 redirection, must not get the
previous referrer, with other words, a server redirection is not a user
action upon which the referrer header is supposed to get set.
besides that we use the code path for javascript based redirections and there
also referers must get cleared.
> Both Mozilla and IE do the same
> thing as far as I can tell.
No they don't. Read #42611.
(use cvs annotate please when you wonder why code is there which you think
should not be there).
Dirk
More information about the kde-core-devel
mailing list