Skip to content

Url Helper Service should not discard question marks when parsing hash fragment #604

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jeroenheijmans opened this issue Aug 13, 2019 · 3 comments
Closed

Url Helper Service should not discard question marks when parsing hash fragment #604

jeroenheijmans opened this issue Aug 13, 2019 · 3 comments
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.

Comments

@jeroenheijmans
Copy link
Collaborator

In a sense, this might be a duplicate of #415. I've created this issue because a lone PR popped up: #603.

Looking at the PR I see that indeed, for reasons unknown to me, the url helper very deliberately removes question marks from the hash fragment.

Perhaps @danyo1399 can elaborate what triggered them to write the PR in the first place?
@jeroenheijmans jeroenheijmans added bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more. labels Aug 13, 2019
@danyo1399
Copy link

Hi there.
The problem i am facing that triggered the PR is that silent refresh errors get swallowed and not raised as errors because the error response is chopped to after the ?. The silent refresh will eventually timeout which generates a different error which i then use to trigger a redirect login but that happens only after 20 seconds.

When i manually manipulate the hash removing the questionmark, the silent refresh error is returned immediately to the caller and i can call the login implicit flow straight away.

My web app is setup that on navigation, check if we have a valid token and if not attempt silent login, and if that fails perform implicit flow login.

When the user first loads the site, it tries the do a silent login. If the silent login fails, the error is swallowed due to the bug and after 20 seconds it attempts the implicit flow login. This unnecessarily causes a min 20 second delay from when the user opens the website to the point they see the login screen.

Example error below. Hope it helps
Regards Dan

#error=login_required&error_description=AADSTS50058:+A+silent+sign-in+request+was+sent+but+no+user+is+signed+in.%0D%0ATrace+ID:+acd8ea14-86d6-4adf-b293-hiddenvalue%0D%0ACorrelation+ID:+e8273357-2e1c-462f-baee-hiddenvalue%0D%0ATimestamp:+2019-08-13+23:00:48Z&error_uri=https://login.microsoftonline.com/error?code=50058&state=hiddenvalue

@danyo1399
Copy link

Is there anything more you would like me to do regarding this?

@manfredsteyer
Copy link
Owner

should work with version 9.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@manfredsteyer @jeroenheijmans @danyo1399