The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.
{ "binaries": [ { "binary_version": "1.22.2-2~22.04.3", "binary_name": "golang-1.22" }, { "binary_version": "1.22.2-2~22.04.3", "binary_name": "golang-1.22-doc" }, { "binary_version": "1.22.2-2~22.04.3", "binary_name": "golang-1.22-go" }, { "binary_version": "1.22.2-2~22.04.3", "binary_name": "golang-1.22-src" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "1.22.2-2ubuntu0.4", "binary_name": "golang-1.22" }, { "binary_version": "1.22.2-2ubuntu0.4", "binary_name": "golang-1.22-doc" }, { "binary_version": "1.22.2-2ubuntu0.4", "binary_name": "golang-1.22-go" }, { "binary_version": "1.22.2-2ubuntu0.4", "binary_name": "golang-1.22-src" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "1.23.5-1", "binary_name": "golang-1.23" }, { "binary_version": "1.23.5-1", "binary_name": "golang-1.23-doc" }, { "binary_version": "1.23.5-1", "binary_name": "golang-1.23-go" }, { "binary_version": "1.23.5-1", "binary_name": "golang-1.23-src" } ], "availability": "No subscription required" }