davidjrh / dnn.azureadprovider

The DNN Azure Active Directory Provider is an Authentication provider for DNN Platform (formerly DotNetNuke) that uses Azure Active Directory OAuth2 authentication to authenticate users.
MIT License

Bad Request - Invalid URL #16

Closed dpuffenberger closed 4 years ago

dpuffenberger commented 6 years ago

I am getting a "Bad Request" HTTP Error 400 after successful login with the Azure AD with the URL in the address bar showing a long code preceded by "code/" and ending with session state details.

davidjrh commented 6 years ago

Do you have the site behind a Web Application Firewall? Also wondering the length of the URL that was created by the Azure AD. Can you copy and paste the URL on notepad and count the number of characters?

dpuffenberger commented 6 years ago

No WAPs or CDNs. I've tried installing and using it on both a localhost environment and a test site environment on the production server, each with the same results. The URL (after the "code/") is 781 characters long.

davidjrh commented 4 years ago

I could finally reproduce this issue on a local site. It seems this is caused by the Friendly URL provider changing the "?code=AAA..Z&state=xxx" to "/code/AAA..Z?state=xxx". Since the code is long, IIS returns a Bad Request. This can be solved by disabling the "Settings > SEO > URL Management > General Settings > Redirect to Friendly URLs" option, or by changing the default "Ignore URL Regular Expression" under the Expressions tab.

moorecreative commented 4 years ago

Hi David, I'm getting this same response too... turning off the Redirect to Friendly URLs works instantly.

What would we update in the "Ignore URL Regular Expression" though if we wanted to keep the friendly url redirect ON but have it ignore the AD querystring (which is what I assume we're trying to do).

Looks like querystring variables of: /code /session_state

and the default Ignore URL Regular Expression regex is: (?<!linkclick.aspx.+)(?:(?<!\?.+)(.pdf$|.gif$|.png($|\?)|.css($|\?)|.js($|\?)|.jpg$|.axd($|\?)|.swf$|.flv$|.ico$|.xml($|\?)|.txt$))

and when changed, will this page load as one without a friendly URL, like /Default.aspx?tabid=222&code=AQABAAIAA... &session_state=AQABAAIAA..., and would it need to be listed in the redirect URL setting as this non-friendly version to match?
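
The rewrite davidjrh describes and the regex question above can be checked offline. The following is an added example, not part of the thread or of the provider's code: it models the friendly-URL rewrite, flags path segments longer than the HTTP.sys per-segment limit, and tests the quoted default expression beside a hypothetical extension. Assumptions: the 260-character default for `UrlSegmentMaxLength`, case-insensitive matching against the full URL, the placeholder host `dnn.example`, and the extra `[?&]code=` alternative, which should be verified on a test site before use.

```javascript
// Added example, not code from the dnn.azureadprovider project.
// Assumption: HTTP.sys default UrlSegmentMaxLength of 260 characters per path segment.
const URL_SEGMENT_MAX_LENGTH = 260;

// Default "Ignore URL Regular Expression" exactly as quoted in the thread.
const DEFAULT_IGNORE = String.raw`(?<!linkclick.aspx.+)(?:(?<!\?.+)(.pdf$|.gif$|.png($|\?)|.css($|\?)|.js($|\?)|.jpg$|.axd($|\?)|.swf$|.flv$|.ico$|.xml($|\?)|.txt$))`;

// Hypothetical extension (assumption, verify on a test site): also ignore any
// request whose query string carries an OAuth2 "code" parameter.
const CANDIDATE_IGNORE = DEFAULT_IGNORE + String.raw`|[?&]code=[^&]+`;

// Constructed callback URL: placeholder host and a dummy 781-character code,
// the length reported in the thread.
const SAMPLE_CALLBACK =
  "https://dnn.example/Login?code=" + "A".repeat(781) + "&state=xyz&session_state=abc";

// Model of the rewrite described above: "?code=X&state=Y" becomes "/code/X?state=Y".
function friendlyRewrite(rawUrl) {
  const url = new URL(rawUrl);
  const code = url.searchParams.get("code");
  if (code === null) return rawUrl; // nothing to move into the path
  url.searchParams.delete("code");
  url.pathname = url.pathname.replace(/\/$/, "") + "/code/" + code;
  return url.toString();
}

// Path segments that exceed the per-segment limit and would trigger the 400.
function oversizedSegments(rawUrl, limit = URL_SEGMENT_MAX_LENGTH) {
  return new URL(rawUrl).pathname.split("/").filter((s) => s.length > limit);
}

// Assumption: the expression is tested case-insensitively against the full URL.
function isIgnored(rawUrl, pattern) {
  return new RegExp(pattern, "i").test(rawUrl);
}

// What is served for a callback under a given ignore expression, and whether
// the resulting URL contains an oversized path segment.
function analyze(callbackUrl, ignorePattern) {
  const ignored = isIgnored(callbackUrl, ignorePattern);
  const served = ignored ? callbackUrl : friendlyRewrite(callbackUrl);
  return { ignored, served, rejected: oversizedSegments(served).length > 0 };
}

console.log("default:  ", analyze(SAMPLE_CALLBACK, DEFAULT_IGNORE).rejected);
console.log("candidate:", analyze(SAMPLE_CALLBACK, CANDIDATE_IGNORE).rejected);
```

With the candidate expression the callback keeps its query-string form, so the authorization code never becomes a path segment; static-file URLs that the default expression already ignored are still ignored.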