Session cookie not set on IE 6 & 7, possibly other browsers

bengler / checkpoint

Centralized identity store and authentication broker for web applications. It supports a number of authentication mechanisms and is provided via a http-interface.

MIT License

31 stars 2 forks source link

Session cookie not set on IE 6 & 7, possibly other browsers #51

Open atombender opened 11 years ago

atombender commented 11 years ago

IE 6/7 will get an internal error because /auth/:provider/callback because it does not remember the redirect URL stored in the session.

Safari 5.0 on Mac and Safari on iOS 5 do not allow setting a cookie while redirecting between domains, could be the same issue.

A workaround (frequently used by ads) is to return a web page instead of redirecting. The web page can contain a script that submits a form (with a meta refresh header as a backup).

simen commented 11 years ago

The workaround (9651e0f27ebe3768ee2519a05b65ca4fa970331d) has been implemented in the branch upgrade-ominauth-oauth2 and is currently being tested.