Is it possible to track cross origin redirection?
I can successfully iframe a page on origin B from origin A (no x-frame-deny, content security policy, etc). A page on origin B (page X) redirects to a page on origin C (page Y) with a server side redirect (status 301). Origin C doesn’t all…