Closed nithinpoulosek closed 6 months ago
I've seen this too with one of our applications.
Does anybody have a solution or workaround?
You should raise this issue with Chrome. This is not something we have any control over. If there's something the auth service is doing that is triggering this it would help to understand specifically what that is and you should report that by opening a ticket here
Also as a side note: v1 is deprecated and not receiving any further investments. Please upgrade to v3 at your earliest convenience so that we can offer you support for future needs.
Core Library
MSAL.js (@azure/msal-browser)
Core Library Version
1.0.0
Wrapper Library
MSAL Angular (@azure/msal-angular)
Wrapper Library Version
1.0.0
Public or Confidential Client?
Confidential
Description
We are using MSAL Angular 1.0.0 (Angular 8) application for Azure AD login. The application has been working fine for the last four years without any issues. However, starting last week, after Microsoft login, the redirect URL (eg: https://site_url.com/authcallback#id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6InEtM...) is being marked as a dangerous site by the browser.
We noticed a Google update last week regarding browser URL policy. :- https://security.googleblog.com/2024/03/blog-post.html
Error Message
No response
MSAL Logs
No response
Network Trace (Preferrably Fiddler)
MSAL Configuration
Relevant Code Snippets
Reproduction Steps
Expected Behavior
The application should be logged in without any warning.
Identity Provider
Entra ID (formerly Azure AD) / MSA
Browsers Affected (Select all that apply)
Chrome
Regression
No response
Source
External (Customer)