Closed bradamelton closed 1 year ago
related?
Cookie “__Host-GAPS” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
I think this is more of the sandbox issue:
https://html.spec.whatwg.org/multipage/iframe-embed-object.html#attr-iframe-sandbox
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
InstallTrigger is deprecated and will be removed in the future. AuthContext.js:27 onmozfullscreenchange is deprecated. AuthContext.js:27 onmozfullscreenerror is deprecated.
Another says it can be a CORS thing:
The CORS (Cross-Domain Resource Sharing) calls I was making were set to 'async: false' -- (which I realize I did not include in my original post, as I thought it was inconsequential) this, seems to operate fine in all browsers except Firefox, where jQuery will bark at you and your ajax call will fail.
Not seeing any issue with my CORS
Sounds similar:
DOMException: A parameter or an operation is not supported by the underlying object
Error: IFrame timed out without a response columnNumber: 21 fileName: "http://localhost:8080/static/js/bundle.js" lineNumber: 68009 message: "IFrame timed out without a response" name: "ErrorTimeout"
inside oidc-client-ts navigators AbstractChildWindow when trying to renew
DOMException: A parameter or an operation is not supported by the underlying object
this is from a window.open in oidc-client-ts PopupWindow.ts ln 33
Could very well be sandbox related
" An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing. "
Can we disable the iframes sandbox?
giving it a try in oidc-client-ts iFrameWindow.ts ln 45. Due to the above warning, this can probably be a pull request.
Looks like we may be able to reproduce with IdentityServer: https://github.com/IdentityServer/IdentityServer4/issues/5487
Switched to react-oidc-context. Added Login hint to oidc-client-ts. Allowing Popup instead of Silent, which resolves the "interaction_required" error.
Worklng well now. Still testing mobile.
Error is "interaction_required"
http://localhost:8080/?state=96c64e00c44f4bdfacc8f491429cd4da&error_subtype=access_denied&error=interaction_required