New issue
Advanced search Search tips

Issue 866355 link

Starred by 1 user

Issue metadata

Status: Available
Owner: ----
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug

Blocked on:
issue 865852



Sign in to add a comment

Signed Exchange: Make the inner redirect saner and well-defined

Project Member Reported by kinuko@chromium.org, Jul 23

Issue description

Wanted to file this so that we don't forget to revisit and discuss what changes and checks are needed.

- Status code: 302 should probably be 303
- Method: Currently we always convert the method to 'GET', but if the request was 'HEAD' it's probably okay to handle as is
- Fragments will need to be preserved: see  issue 865852 
- Site for cookies: Probably no need to worry about it too much as cookie access can't happen from inner requests. (We currently update this on redirects)
- Referrer policy: currently we use default (i.e. CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE)
- Referrer: We set nothing (i.e. clear on redirect)

See also RedirectInfo::ComputeRedirectInfo() and RedirectUtil::UpdateHttpRequest() to see what we're doing with regular redirects.

 
Blockedon: 865852
Also something to consider: Whether the inner redirect counts towards the redirect count of the page (currently it does in Chrome, but wouldn't for other implementations, AIUI)
Labels: -SignedExchange-b1 SignedExchange-b2
Components: Blink>Loader
Now the loading spec draft explicitly says the redirect code should be 303.

https://wicg.github.io/webpackage/loading.html
Project Member

Comment 5 by bugdroid1@chromium.org, Aug 29

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7e8a3c6f01810ae80b523aeac60a10de26005f18

commit 7e8a3c6f01810ae80b523aeac60a10de26005f18
Author: Kunihiko Sakamoto <ksakamoto@chromium.org>
Date: Wed Aug 29 01:02:18 2018

Signed Exchange: Use status code 303 for internal redirects

Bug: 866355
Change-Id: I4f78ff8673d89aae087c5ad0cc528016761eac96
Reviewed-on: https://chromium-review.googlesource.com/1192570
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org>
Cr-Commit-Position: refs/heads/master@{#586977}
[modify] https://crrev.com/7e8a3c6f01810ae80b523aeac60a10de26005f18/content/browser/web_package/signed_exchange_loader.cc
[modify] https://crrev.com/7e8a3c6f01810ae80b523aeac60a10de26005f18/content/browser/web_package/signed_exchange_request_handler_browsertest.cc

Sign in to add a comment