NavigationEvent#canIntercept is true when navigating to a different port

Ahmad-S792 · Ahmad Saleem · commit 850ce3163e55 · 2026-02-11T15:47:06.000-08:00
https://bugs.webkit.org/show_bug.cgi?id=307197 rdar://169845691 Reviewed by Basuke Suzuki. The canIntercept property was incorrectly returning true when navigating between different ports on the same host (e.g., localhost:3000 to localhost:3001). According to the spec [1], canIntercept should be false when the document URL and target URL differ in scheme, username, password, host, or port components. The bug was in documentCanHaveURLRewritten(), which returned true for any HTTP(s) URL without checking if the port (or other components) matched between the document and target URLs. This patch fixes by adding explicit checks for scheme, username, password, host, and port equality before allowing URL rewriting. [1] https://html.spec.whatwg.org/multipage/nav-history-apis.html#can-have-its-url-rewritten * Source/WebCore/page/Navigation.cpp: (WebCore::documentCanHaveURLRewritten): * LayoutTests/imported/w3c/web-platform-tests/navigation-api/navigate-event/navigate-event-canintercept-cross-port-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-api/navigate-event/navigate-event-canintercept-cross-port.html: Added. Canonical link: https://commits.webkit.org/307316@main
diff --git a/LayoutTests/imported/w3c/web-platform-tests/navigation-api/navigate-event/navigate-event-canintercept-cross-port-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/navigation-api/navigate-event/navigate-event-canintercept-cross-port-expected.txt
@@ -0,0 +1,3 @@
+
+PASS canIntercept should be false for cross-port navigations
+
diff --git a/LayoutTests/imported/w3c/web-platform-tests/navigation-api/navigate-event/navigate-event-canintercept-cross-port.html b/LayoutTests/imported/w3c/web-platform-tests/navigation-api/navigate-event/navigate-event-canintercept-cross-port.html
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>Navigation API: canIntercept should be false for cross-port navigations</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<body>
+<script>
+promise_test(async t => {
+  const currentPort = location.port || (location.protocol === 'https:' ? '443' : '80');
+  const otherPort = currentPort === '8800' ? '8000' : '8800';
+  const targetURL = `${location.protocol}//${location.hostname}:${otherPort}/`;
+  
+  const navigatePromise = new Promise((resolve) => {
+    navigation.addEventListener("navigate", t.step_func(event => {
+      // Cross-port navigation should have canIntercept === false
+      assert_equals(event.canIntercept, false, 
+        `canIntercept should be false when navigating from port ${currentPort} to port ${otherPort}`);
+      
+      // Prevent the actual navigation
+      event.preventDefault();
+      resolve();
+    }), { once: true });
+  });
+  
+  // Trigger the cross-port navigation
+  const anchor = document.createElement('a');
+  anchor.href = targetURL;
+  document.body.appendChild(anchor);
+  anchor.click();
+  
+  await navigatePromise;
+}, "canIntercept should be false for cross-port navigations");
+</script>
+</body>
diff --git a/Source/WebCore/page/Navigation.cpp b/Source/WebCore/page/Navigation.cpp
@@ -820,6 +820,14 @@ static bool documentCanHaveURLRewritten(const Document& document, const URL& tar
     if (!isSameSite && !isSameOrigin)
         return false;
 
+    // https://html.spec.whatwg.org/multipage/nav-history-apis.html#can-have-its-url-rewritten
+    if (documentURL.protocol() != targetURL.protocol()
+        || documentURL.user() != targetURL.user()
+        || documentURL.password() != targetURL.password()
+        || documentURL.host() != targetURL.host()
+        || documentURL.port() != targetURL.port())
+        return false;
+
     if (targetURL.protocolIsInHTTPFamily())
         return true;
 

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+`
	`2`	`+PASS canIntercept should be false for cross-port navigations`
	`3`	`+`