RESOLVED INVALID189084
Mobile Safari silently retries non-idempotent network requests 
https://bugs.webkit.org/show_bug.cgi?id=189084
Summary Mobile Safari silently retries non-idempotent network requests
Joel Riley
Reported 2018-08-29 09:48:33 PDT
Spec allows browsers to silently retry requests (https://tools.ietf.org/html/rfc2616#section-8.2.4) if the network connection prematurely closes. This can happen, for instance, when a mobile device is switching away from a poor network or switching between wifi and cellular network. If a client (javascript) issues only one network request, the browser may issue two requests if the first request is interrupted, and the payload of the second request is returned back to the client, which is unaware two requests took place. This behavior is problematic in the case of non-idempotent requests (such as POST), since those requests can have side effects. One examples is an HTTP POST request to create a new comments on a message board could in turn cause two comments to be posted if the browser retries request due to network disconnect. Safari should not retry non-idempotent requests. Chrome currently handles this correctly. RFC that states retries should not happen for non-idempotent requests: https://tools.ietf.org/html/rfc7230#section-6.3.1
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2018-08-30 10:17:09 PDT
Thank you for the report! This is implemented at a lower level than WebKit, so we can't track this problem in WebKit bugzilla. Could you please report it via https://bugreport.apple.com, so that Apple engineers responsible for networking could take a look? Also, they would most likely need steps to reproduce, or at least a tcpdump.
Note You need to log in before you can comment on or make changes to this bug.