New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 733999 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner:
Closed: Sep 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression



Sign in to add a comment

Same domain , different redirect in different tabs

Reported by yogiguo8...@gmail.com, Jun 16 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.104 Safari/537.36

Example URL:
https://www.wabatam.com/testone, https://www.wabatam.com/testtwo 

Steps to reproduce the problem:
1. open first tab, url https://www.wabatam.com/testone
2. open second tab, url https://www.wabatam.com/testtwo , then hit submit
3. goto first tab, hit submit, 

What is the expected behavior?
on first tab, it should redirect to https://www.wabatam.com/testone 

What went wrong?
it redirect to different url (same domain) https://www.wabatam.com/testtwo 

Does it occur on multiple sites: N/A

Is it a problem with a plugin? N/A 

Did this work before? Yes 57

Does this work in other browsers? Yes

Chrome version: 59.0.3071.104  Channel: stable
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: 

Here is custom link for test : 
1.open first tab  :
https://www.wabatam.com/testone

2.open second tab : 
https://www.wabatam.com/testtwo , press submit

3.goto first tab : 
press 'submit'

I found out, you don't need to submit on second tab, you can just go back to first tab, and click submit, it will redirect to https://www.wabatam.com/testtwo.

my server (laravel)'s simple code : 
Route::get('testone',function(){
        return "<h3>First Tab</h3><form method='post' action='testonepost'><input type='hidden' name='_token' value=".csrf_token()."><input type='submit'></form>";
});

Route::post('testonepost',function(){
        return redirect()->back();
});

Route::get('testtwo',function(){
        return "<h3>Second Tab</h3><form method='post' action='testtwopost'><input type='hidden' name='_token' value=".csrf_token()."><input type='submit'></form>";
});

Route::post('testtwopost',function(){
        return redirect()->back();
});
 
Labels: Needs-Triage-M59
Cc: sandeepkumars@chromium.org
Components: UI
Labels: -Pri-2 -Type-Compat -Needs-Triage-M59 M-61 hasbisect-per-revision OS-Linux OS-Mac Pri-1 Type-Bug-Regression
Owner: est...@chromium.org
Status: Assigned (was: Unconfirmed)
Able to reproduce the issue using latest stable #59.0.3071.104 on Mac 10.12.4, Win 10 and Linux Ubuntu 14.04 as well

Below is the bisect info
========================

Good Build: 56.0.2886.0  (Revision: 424099)
Bad Build:  56.0.2887.0  (Revision: 424315)


Using per-revision bisect providing the bisect results:

You are probably looking for a change made after 424235 (known good), but no later than 424236 (first known bad).

CHANGELOG URL:
 https://chromium.googlesource.com/chromium/src/+log/2510d5dc6548c8f4b52d42d1f66f233cd45b7402..1c7f4eba31fca673ed6adbfd2f7e2f04394da590

Review-Url: https://codereview.chromium.org/2399643002

estark@: Could you please take a look into this issue and reassign if this issue is not related to your change.

Note: Issue is seen in M61 as well

Thanks..!!

Comment 3 by est...@chromium.org, Jul 12 2017

Labels: Needs-Feedback
It doesn't look like the test pages work anymore. Do you have a self-contained reproduction case that I can see?

Comment 4 by est...@chromium.org, Jul 12 2017

Cc: ranjitkan@chromium.org est...@chromium.org
 Issue 729934  has been merged into this issue.

Comment 5 by est...@chromium.org, Jul 12 2017

Components: -UI Blink>SecurityFeature>Referrer
problem been solved by set Header from `Referrer-Policy: no-referrer`
 to `Referrer-Policy same-origin`. 

Status: WontFix (was: Assigned)
Closing due to lack of feedback.

Sign in to add a comment