Avatar for Username

Vyhľadajte odpoveď

Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Learn More

Táto téma bola archivovaná. Ak potrebujete pomôcť, založte prosím novú otázku.

URLs in GET parameters changed in private mode

  • 1 odpoveď
  • 0 má tento problém
  • 16 zobrazení
  • Posledná odpoveď od Aram

Aram
Aram
more options

When in private mode URLs get changed, leading to unexpected results:

http://scripting.com/?url=https://google.com

Will be rewritten to

http://scripting.com/?url=http://google.com

How to reproduce: 1. open a private window 2. enter the example URL (Using Dave Winers non-https as he's an advocate) 3. see the result in the URL bar (the second scheme is changed from https to http)

This only happens when the param has https and the request URL has not (other combinations did not lead to changes). Other browsers did not show this behavior.

When in private mode URLs get changed, leading to unexpected results: http://scripting.com/?url=https://google.com Will be rewritten to http://scripting.com/?url=http://google.com How to reproduce: 1. open a private window 2. enter the example URL (Using Dave Winers non-https as he's an advocate) 3. see the result in the URL bar (the second scheme is changed from https to http) This only happens when the param has https and the request URL has not (other combinations did not lead to changes). Other browsers did not show this behavior.

Všetky odpovede (1)

Aram
Aram Autor otázky
more options

@Dropa

That is what I initially assumed; like some greedy .htaccess rewriting URLs in get parameters.

But if it were a server-side configuration, it would not only happen in private mode (but also in "normal" mode) and it would be a problem in other browsers too.

It appears something to do with "safety" of server URLs: on http://localhost the param is not rewritten.

Upravil(a) Aram dňa