Details
-
Bug
-
Resolution: Done
-
P2: Important
-
None
-
5.15.1
-
None
-
291982fed7cda16c19c23b2917493ab2bee86ba7 (qt/qtwebengine-chromium/90-based)
Description
When opening http://tour.golang.org in e.g. simplebrowser, the website is almost empty, with various errors logged in the JS console:
When doing the same in Chromium, the site displays properly - note, however, that Chromium loads https://tour.golang.org even if the HTTP variant is opened explicitly.
What seems to happen here is that the HTTP version of the page sends a Strict-Transport-Security: max-age=31536000; preload header while still serving (broken) content via HTTP - the header causes Chromium to automatically redirect to HTTPS:
(Alternatively, this might actually happen because tour.golang.org is on the HSTS preload list which is not used by QtWebEngine?)
Attachments
For Gerrit Dashboard: QTBUG-88036 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
348555,1 | Use Chrome HSTS | 88-based | qt/qtwebengine-chromium | Status: ABANDONED | 0 | 0 |
359332,2 | Use Chrome HSTS | 90-based | qt/qtwebengine-chromium | Status: MERGED | +2 | 0 |