/plushcap/analysis/cloudflare/weird-bug-of-the-day-twitter-in-app-browser-cant-visit-site

Weird bug of the day: Twitter in-app browser can't visit site

What's this blog post about?

In August 2015, a small number of users reported experiencing errors while browsing CloudFlare-secured websites using Twitter's in-app browser on iOS devices. The issue was traced to an empty "Referer" header when transitioning from HTTPS to HTTP pages within the app. This behavior contradicts RFC7231, which mandates that a URI reference must be included in the Referer header if present. CloudFlare's Browser Integrity Check flagged this as an error and generated the observed issue. The problem was reported to Twitter and Facebook, leading to a fix allowing for this behavior on their in-app browsers. Developers are advised to be cautious when validating the Referer header, as they may encounter similar issues with other applications.

Company
Cloudflare

Date published
Sept. 8, 2015

Author(s)
John Graham-Cumming

Word count
615

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.