You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Maybe an AJAX request can't be considered as a referer also, can they?
I'm wondering whether followRedirect & automaticReferer could be considered true by default. I mean, everybody want to use these features, except in specific cases.
This would allow anyone to benefit from these useful features, with an option to deactivate them. I see this like that:
Regarding AJAX requests, you're right, so a "real" page should also don't have a X-Requested-With header.
Regarding change the default behavior, I'd rather be cautious. Let's ask people's opinion on the mailing list. But we can have the checkboxes checked by default on the Recorder configuration panel.
Solution proposal:
automaticReferer
on HttpProtocolConfigurationAccept
header containingtext/html
orapplication/xhtml+xml
andX-Requested-With
is absentautomaticReferer
is set, automatically add aReferer
header with the value stored in the SessionThe recorder will be impacted too.
The text was updated successfully, but these errors were encountered: