Weird bug of the day: Twitter in-app browser can't visit site
In August 2015, a small number of users reported experiencing errors while browsing CloudFlare-secured websites using Twitter's in-app browser on iOS devices. The issue was traced to an empty "Referer" header when transitioning from HTTPS to HTTP pages within the app. This behavior contradicts RFC7231, which mandates that a URI reference must be included in the Referer header if present. CloudFlare's Browser Integrity Check flagged this as an error and generated the observed issue. The problem was reported to Twitter and Facebook, leading to a fix allowing for this behavior on their in-app browsers. Developers are advised to be cautious when validating the Referer header, as they may encounter similar issues with other applications.
Company
Cloudflare
Date published
Sept. 8, 2015
Author(s)
John Graham-Cumming
Word count
615
Language
English
Hacker News points
None found.