-5

Original:

Bug description: Page A is accessed directly, Click something on page A goes to page B, Press back button back to Page A, And simple html elements on Page A will stop working with Safari.

How IOS 15 Backbutton works in a nutshell, onclick="history.back();" Very sloppy at best for a trillion dollar company's browser, FYI this bug only happens in https not http, Does anyone know what exactly in Django 4 causing this bug?

New:

Not just Django, Any secure web framework would have this "Bug" with Safari by default, This post could have save someone hours or days of trouble in the future, See answer below.

Hello World
  • 57
  • 7
  • This is not the correct place to report bugs in Django. Please use [Django's bug tracker](https://code.djangoproject.com/) – Abdul Aziz Barkat Jul 18 '22 at 11:56
  • I feel it would make a bigger impact to inform the community, The very subtle bug has been proven, And given how big is the iPhone IOS market thus the gravity of this BUG, People should know – Hello World Jul 18 '22 at 12:07
  • "_gravity of this BUG_"? You don't even say what the bug is, "_will stop working_" doesn't convey anything. Not to mention [customer service-related questions are off-topic](https://meta.stackoverflow.com/questions/255745/why-cant-i-ask-customer-service-related-questions-on-stack-overflow) on Stack Overflow, Your question doesn't have a [mre]... Have you on the other hand also considered this to be a bug in your browser as it seems whatever difficulty you have is on the _client side_. – Abdul Aziz Barkat Jul 18 '22 at 12:27
  • @Abdul Aziz Barkat, The bug is not on the client side, You can check it with any browser, It's perfectly normal, Like I said, The bug has been proven – Hello World Jul 18 '22 at 12:35
  • Some searching shows me this [question](https://stackoverflow.com/questions/72863025/weird-iphone-safari-back-button-bug-with-possible-cloudflare-incompatibility) of yours, why did you delete that? It was articulated much better than this one. I also found these pages: 1) https://developer.apple.com/forums/thread/699982 2) https://bugs.webkit.org/show_bug.cgi?id=238318 and 3) https://stackoverflow.com/questions/70834688/intermittent-html-select-freezes-on-safari-in-ios-15-onwards/71035270 which seem to be relevant to the issue. – Abdul Aziz Barkat Jul 18 '22 at 13:33

1 Answers1

1

That would be a Safari problem, It's an origin issue, So heres what happens in a nutshell, When that Safari back button is clicked, If you notice carefully, It might still display https but that lock is gone, In Django 3, The default SECURE_CROSS_ORIGIN_OPENER_POLICY is None, And since Apple decides to save budget on it's browser, As a result, The back button gets one line of coding that is virtually equivalent to history.back(), And in Django 4 the default SECURE_CROSS_ORIGIN_OPENER_POLICY is set to same-origin, And Thus, The Bug, All thanks to Safari being a cost-efficient browser.

Hello World
  • 57
  • 7