Keycloak OpenID Connect logout does not work
Categories
(Web Compatibility :: Site Reports, defect, P1)
Tracking
(firefox-esr115 unaffected, firefox-esr128 affected, firefox129 wontfix, firefox130 wontfix, firefox131 wontfix, firefox132 fixed)
People
(Reporter: seevik, Assigned: valentin)
References
(Regression, )
Details
(Keywords: regression, webcompat:platform-bug, webcompat:site-report)
User Story
platform:windows,mac,linux,android impact:workflow-broken configuration:general affects:all branch:release diagnosis-team:networking
Attachments
(1 obsolete file)
Steps to reproduce:
I get PNG Image 1x1 pixel with a gray screen when I click link to website such as this url https://timesheet2.trask.cz/auth/logout
Actual results:
since firefox version 128 i get weird bug with some url requests when i get 1x1 PNG image instead as url response. before version 128 everything was ok. for example, i have keycloak oidc instance where i have secured my webpage with openid connect login page. when i wanted to logout instead of logout response i get 1x1 PNG image as result. i have no antiviruses, ive tested this at multiple computers in multiple different networks and have same problem.
Expected results:
webpage https://timesheet2.trask.cz/auth/logout should show me logout page from my keycloak instance as it always does before firefox version 128
this is a huge problem for our company where we have multiple applications secured with keycloak oidc and logout doesnt work at any of them
Reporter | ||
Comment 1•1 month ago
|
||
i would like also state that this only occurs in firefox browser, not in any other browsers
Reporter | ||
Updated•1 month ago
|
Updated•1 month ago
|
Comment 2•1 month ago
|
||
INFO: Last good revision: b65db35b56b67a06b6f1f9e07f26acfff4a079fe
INFO: First bad revision: 4375d3bfa8fe60b69166e27f639e2403164e7b08
INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=b65db35b56b67a06b6f1f9e07f26acfff4a079fe&tochange=4375d3bfa8fe60b69166e27f639e2403164e7b08
Comment 3•20 days ago
|
||
Hi Valentin, could you please take a look at this?
Updated•18 days ago
|
Assignee | ||
Comment 4•17 days ago
|
||
The problem is that our document accept header also includes the image formats.
https://searchfox.org/mozilla-central/rev/5959ec6b84d66592a77a3e5e2d2aedc1b3e7d4c5/netwerk/protocol/http/nsHttpHandler.cpp#233,244
// but we also insert all of the image formats before */*
...
mimeTypes.Append("image/webp,image/png,image/svg+xml,*/*;q=0.8");
This isn't exactly up to spec. We added image mime types to the document accept header in bug 1658008 but bug 1711622 added image/svg+xml to both the image and document accept header.
I think it shouldn't have been present in the document accept header.
Assignee | ||
Updated•17 days ago
|
Assignee | ||
Comment 5•17 days ago
|
||
I was wrong - it's not image/svg+xml
that's causing the issue, but image/png
Chrome also includes image formats in the document accept header, but they use image/apng
instead: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
I'll add a pref whether to include image formats in the accept header, and default to false.
This should align us with the fetch spec and Safari.
Assignee | ||
Comment 6•17 days ago
|
||
This aligns us with the fetch spec and Safari.
This patch also adds a pref to control whether supported image formats are also
part of the document accept header - defaults to false.
Updated•17 days ago
|
Comment 7•16 days ago
|
||
Comment on attachment 9422763 [details]
Bug 1914363 - Remove image mime types from documment accept header r=#necko
Revision D221110 was moved to bug 1917177. Setting attachment 9422763 [details] to obsolete.
Comment 8•12 days ago
|
||
Fixed in bug 1917177 which should ride to release
Updated•10 days ago
|
Updated•10 days ago
|
Comment 9•16 hours ago
|
||
Bug 1917177 doesn't seem like the kind of bug we want to backport without plenty of bake time, but we may want to keep it on the ESR128 radar for some point down the line at least.
Description
•