Closed Bug 1401767 Opened 7 years ago Closed 7 years ago

If you are logged out of phonebook, and perform a search, it gives you no results

Categories

(Webtools Graveyard :: Phonebook, defect)

Product:
Webtools Graveyard
Component:
Phonebook
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: kang, Unassigned)

References

Details

Attachments

(1 file, 1 obsolete file)

XHR wrapper demo
3.70 KB, text/plain
Details
Attached file XHR wrapper demo (obsolete) — 
Issue:
When you leave a web browser page/tab open with phonebook - such as https://phonebook.mozilla.org/tree.php - and leave the page alone until the Auth0/SSO session expire (say a day), then come back to it and try to search - nothing happens.

This is because phonebook is doing an XHR (ie background/xmlhttprequest) request and gets back an authentication prompt which it does not know what to do with (302), instead of the expected data.

While you can also fix that in code, I also wrote a wrapper in js that forces a page reload when that happens, which lets the user re-authenticate (in hope that it makes it easy to fix).

I'm attaching a POC with the wrapper function (called XMLHttpRequest(function(xhr)...) that has to be inserted somewhere in the page (it can be called as a file such as xhr_fixup.js for CSP reasons, of course). This will wrap all XHR calls and magically fix them all.

Hope this helps!
Summary: XHR, Auth0 SSO and phonebook (patch) → If you are logged out of phonebook, and perform a search, it gives you no results
Attached file XHR wrapper demo 
Noticed there was a stray "XMLHttpRequest" in the code, confusing. Removed it.
Attachment #8910519 - Attachment is obsolete: true
With this fixup in place, is the user-initiated action that resulted in the non-200 XHR eventually displayed to the user post-SSO? For instance, "clicked on a user in org tree", or "searched for a term", or etc.
Flags: needinfo?(gdestuynder)
@comment3 : No, I don't believe so, unless Phonebook supports this (which I believe it does not support).
Basically, all it does is obey the HTTP code (such as 302 when you need to login again, which sends you to the main page of Phonebook once logged in).
Flags: needinfo?(gdestuynder)
Hmm. Well, at least it's the same before and after.
On the phonebook master branch (not yet deployed anywhere), this now displayed an error and asks you to click-to-reload, using the $.ajax(complete:) handler to trap and detect errors. I'll test again when that's live, but we might not need this.
Could you please verify whether this still occurs on stage (phonebook.allizom)?
Flags: needinfo?(gdestuynder)
this technically works - however, the UX is a little odd:
if you're scroll down the org tree on https://phonebook.allizom.org/tree.php for example and click something here, you won't see the reload message because it appears at the top of the page (with a broken image link as well).
Flags: needinfo?(gdestuynder) → needinfo?(rsoderberg)
It should have scrolled. I'll work on it. Thanks.
Flags: needinfo?(rsoderberg)
Scrolling fixed, this will go live in staging today at some point.
Live in staging, verified with various auth breakages here. This will be deployed to production along with other fixes in the future.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Depends on: 1419642
Product: Webtools → Webtools Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: