Bug 37087
| Summary: | HTTPS site, hit button button, page is refetched, however some of the form inputs is from cache | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | abfmwei |
| Component: | Forms | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | Normal | CC: | beidson, tkent |
| Priority: | P4 | ||
| Version: | 420+ | ||
| Hardware: | All | ||
| OS: | All | ||
abfmwei
This is how the exception can be reproduced on a secure HTTPS web site,
1. Hit a secure HTTPS page - HTTP GET, hidden input __EVENTVALIDATION = 'jkdlsfjalfdsja'
2. Hit a button on the page - HTTP POST
3. Server responds with 302 redirect - HTTP GET, hidden input __EVENTVALIDATION = 'dfjkslaiowed'
4. Hit Back button, page is refetched - HTTP GET, hidden input __EVENTVALIDATION = 'dfjkslaiowed'
5. Hit a button on the page - HTTP POST, traffic sniffer shows __EVENTVALIDATION = 'jkdlsfjalfdsja', while it should be __EVENTVALIDATION = 'dfjkslaiowed'
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Kent Tamura
This issue was fixed very recently.
*** This bug has been marked as a duplicate of bug 26241 ***