Databases
StackOverflow2013
Postsdbo
POHTTP 302 redirects between servers failing in IE, working in FF and chrome
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHTTP 302 redirects between servers failing in IE, working in FF and chrome
    primarykey
    data
    text
    <p>I'm getting a blank white screen in IE when building a login system that redirects through a 3rd party server for authentication. (The browser is supposedly requesting a page back on my server when it fails.)</p> <p>The login goes like this:</p> <ol> <li>user requests <a href="http://www.myserver.com/" rel="nofollow">http://www.myserver.com/</a> and is returned a 302 redirect to <a href="http://www.myserver.com/login.aspx" rel="nofollow">http://www.myserver.com/login.aspx</a> along with some cookies storing any GET/POST parameters in the initial request and the initial URL.</li> <li>user's browser requests <a href="http://www.myserver.com/login.aspx" rel="nofollow">http://www.myserver.com/login.aspx</a> and is returned 200 OK, and given an HTML page with a username and password field.</li> <li>user submits the HTML form as a POST to <a href="http://www.myserver.com/login.aspx" rel="nofollow">http://www.myserver.com/login.aspx</a> and receives a slightly different 200 response, (this HTML page has a drop down to choose from a list of users the username/password entered in step 2 has the right to login as, (for assistants logging in as their manager.))</li> <li>user selects a value for the drop down and again submits the page as a POST to <a href="http://www.myserver.com/login.aspx" rel="nofollow">http://www.myserver.com/login.aspx</a>. This time they receive a 302 redirect to <a href="https://secure.3rdpartyserver.ca/login/login.aspx?WSLR=" rel="nofollow">https://secure.3rdpartyserver.ca/login/login.aspx?WSLR=</a>{encrypted login parameters including a URL to redirect back to}</li> <li>user's browser does a GET request for <a href="https://secure.3rdpartyserver.ca/login/login.aspx?WSLR=" rel="nofollow">https://secure.3rdpartyserver.ca/login/login.aspx?WSLR=</a>{encrypted login parameters including a URL to redirect back to} and received back a 302 redirect to <a href="http://www.myserver.com/login.aspx?userID=" rel="nofollow">http://www.myserver.com/login.aspx?userID=</a>{number}&amp;sessionId={number}&amp;impersonateId={number}</li> <li>(Firefox/Chrome) user's browser does a GET request for <a href="http://www.myserver.com/login.aspx?userID=" rel="nofollow">http://www.myserver.com/login.aspx?userID=</a>{number}&amp;sessionId={number}&amp;impersonateId={number} and receives back a 302 redirect to <a href="http://www.myserver.com/" rel="nofollow">http://www.myserver.com/</a> (and clears the cookies set in step 1.)</li> <li>(Firefox/Chrome) user's browser does a GET request for <a href="http://www.myserver.com/" rel="nofollow">http://www.myserver.com/</a> and finally gets the HTML page the user wanted in the first place.</li> </ol> <p>Step 6 in IE9 however seems screwed up:</p> <ul> <li>If I don't monitor it at all I get a blank white screen at step 6 with the URL bar showing <a href="http://www.myserver.com/login.aspx?userID=" rel="nofollow">http://www.myserver.com/login.aspx?userID=</a>{number}&amp;sessionId={number}&amp;impersonateId={number}. My login.aspx's Page_Load method is never called on the server.</li> <li>If I hit F12 and use the built in network capture feature it shows everything right up till step 6 then it shows a GET request for <a href="http://www.myserver.com/login/login.aspx?WSLR=" rel="nofollow">http://www.myserver.com/login/login.aspx?WSLR=</a>{encrypted login parameters including a URL to redirect back to} (a non-existent page that's an amalgam of the URL from steps 5 and 6.) When I tried making a page there it was never called. The browser still shows a blank white screen with the URL of <a href="http://www.myserver.com/login.aspx?userID=" rel="nofollow">http://www.myserver.com/login.aspx?userID=</a>{number}&amp;sessionId={number}&amp;impersonateId={number} though. My login.aspx's Page_Load method is never called on the server.</li> <li>If I run HttpAnalyizer while doing this request in IE the whole thing works just like it does in Firefox/Chrome.</li> </ul> <p>I haven't tested in other browsers as this system is still running on my localhost in debug mode. This could also be introducing the bug as localhost is intranet zone and the 3rd party server is internet zone, (although it should work anyway.) Is there a way to make localhost run in the internet zone?</p> <p>If you hit the refresh button or click the address bar and hit enter when it's at the white screen the login proceeds properly as if it didn't break in the first place.</p>
    singulars
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PTQuestion
    1. USBrian Heward
    1. USBrian Heward
    plurals
    1. This table or related slice is empty.
    1. PL
      singulars
      1. LTLinked
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. VO
      singulars
      1. POHTTP 302 redirects between servers failing in IE, working in FF and chrome
      1. This table or related slice is empty.
      1. VTUpMod
    1. COThis is related to the local intranet zone. When I turned off internet options > security > local intranet > sites > automatically detect intranet network it started working. I'd still like to know what exactly is going on though as it shouldn't be failing with a blank window and no error message or security warning of any kind.
      singulars
      1. POHTTP 302 redirects between servers failing in IE, working in FF and chrome
      1. USBrian Heward
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload