Fwd: [Bug 22558] referrer leaks through to non-referring site

Waldo Bastian bastian at kde.org
Mon Jul 7 14:52:05 BST 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 06 July 2003 18:03, Waldo Bastian wrote:
> On Saturday 05 July 2003 22:39, George Staikos wrote:
> > Now the question is, did my changes expose this?
>
> With my build from the 3.1 branch (without your partial fix for 60479) I
> notice the problem when entering the URL in the location bar and when
> pasting the URL with MMB. I can't reproduce it by selecting the url as
> bookmark.
>
> The bad part is that the referrer here includes username and password as
> well, so I guess the khtml fix is needed after all.

Attached are two patches as a partial fix to the referrer problem. It changes 
the way how d->m_pageReferrer is set within KHTMLPart: It is now set 
according to the information that it gets back from the io-slave (http 
slave). This ensures that the document.referrer is better synced to the 
actual referrer send by the http-slave. It also makes it possible to have all 
referrer logic in kio_http instead of having it to duplicate in multiple 
places.

Also attached is a test-case. They should be installed on a php-enabled 
webserver and accessed via http. The following tests should be done with the 
test-case:

(1) Browse from referrer.php to referrer2.php to referrer3.php via the links 
on the pages.
- - The referrer should point to the previous page in each instance.

(2) Use the back button to go back. 
- - The referrers should not have changed, both referrers on referrer2.php 
should still point to referrer.php.

(3) Reload the page.
- - The referrers should not change, both referrers on referrer2.php should 
still point to referrer.php.

(4) Browse to referrer3.php via the link on the referrer2.php page. Then visit 
15 other pages (To flush the page-cache for referrer2.php) and clear the 
cache. Now go back to referrer2.php using the history.
- - The referrers should not change, both referrers on referrer2.php should 
still point to referrer.php.

(5) Go to referrer3.php and then enter referrer2.php in the location bar.
- - Both referrers should be empty.

(6) Go to referrer.php and browse to referrer2.php. Now enter referrer2.php in 
the location bar.
- - Both referrers should be empty.

(7) Go to referrer.php and browse to referrer2.php. Now enter 
referrer2.php#bla in the location bar.
- - Both referrers should not change, both referrers on referrer2.php should 
still point to referrer.php.

(8) Go to referrer.php and browse to referrer2.php. Now click on "Javascript 
reload". 
- - Both referrers should not change, both referrers on referrer2.php should 
still point to referrer.php.

(9) Go to referrer.php and browse to referrer2.php and bookmark it. Go to 
referrer3.php and then go to referrer2.php using the bookmark.
- - Both referrers should be empty.

(10) While still on referrer2.php select the referrer2.php bookmark again.
- - Both referrers should be empty.

(11) Go to referrer2.php and select "Redirection to referrer3.php". You should 
end up on referrer3.php.
- - Both referrers should point to referrer2.php

(12) Go to http://foo:bar@<host>/<path>/referrer.php (Fill in <host> and 
<path> accordingly) and browse to referrer2.php
- - Neither referrer should contain either foo or bar.

With the patches below applied, Konqueror still fails on test (3) and (8). 
After applying the patches and installing make sure that your konqueror is 
actually using the new khtml and the new kio_http. You may need to kill any 
existing kio_http process first and you may wish to flush the kio_http cache 
with "kio_http_cache_cleaner --clear-all".

I have tested Netscape 4.x which breaks on (12)

Open issues:
A) What should the behavior be when accessing the files via file:/ instead of 
http? NS 4.x sets document.referrer in that case. (Note that Konqueror 
doesn't the file at all unless renamed it to .html) Konqueror leaves 
document.referrer empty.
B) What should the behavior be when accessing a file via http:// but linked 
from a file:/ URL? NS 4.x sets document.referrer to the file:/ url in that 
case. Konqueror leaves document.referrer empty.

I would appreciate it if people could verify the behavior of other browsers 
wrt 1-12 and A & B.

Additional test-cases are welcome.

Cheers,
Waldo
- -- 
bastian at kde.org -=|[ SuSE, The Linux Desktop Experts ]|=- bastian at suse.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE/CXsFN4pvrENfboIRAiIdAJ9PPgPxol09DazuBxjxyqavVQk0KQCcDEmw
VvNRRB8aW4uk6v1C+6m4moA=
=2gts
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: HEAD-kdelibs-http.patch
Type: text/x-diff
Size: 526 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20030707/9436f07f/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: HEAD-kdelibs-khtml.patch
Type: text/x-diff
Size: 2196 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20030707/9436f07f/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: referrer.php
Type: application/x-php
Size: 365 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20030707/9436f07f/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: referrer3.php
Type: application/x-php
Size: 364 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20030707/9436f07f/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: redir.php
Type: application/x-php
Size: 47 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20030707/9436f07f/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: referrer2.php
Type: application/x-php
Size: 482 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20030707/9436f07f/attachment-0003.bin>

More information about the kfm-devel mailing list