Open AdrianFarmadin opened 2 years ago
So that's because of network.cookie.sameSite.noneRequiresSecure: true
in about:config
?
Yes, exactly.
Some info from Microsoft: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-handle-samesite-cookie-changes-chrome-browser
We shouldn't have any cookies that require cross domain, but I'll check this when I have time.
It works in Chrome's implementation of this just fine
Jenkins and plugins versions report
Environment
Jenkins: 2.319.2 OS: Linux - 5.11.0-43-generic --- ace-editor:1.1 active-directory:2.25.1 analysis-model-api:10.9.1 ansicolor:1.0.1 ant:1.13 antisamy-markup-formatter:2.7 apache-httpcomponents-client-4-api:4.5.13-1.0 artifactory:3.15.2 authentication-tokens:1.4 authorize-project:1.4.0 azure-ad:189.v2da14dccdb43 azure-sdk:84.v53035e83f3c2 basic-branch-build-strategies:1.3.2 bitbucket:214.v2fd4234d0554 blueocean:1.25.2 blueocean-autofavorite:1.2.4 blueocean-bitbucket-pipeline:1.25.2 blueocean-commons:1.25.2 blueocean-config:1.25.2 blueocean-core-js:1.25.2 blueocean-dashboard:1.25.2 blueocean-display-url:2.4.1 blueocean-events:1.25.2 blueocean-git-pipeline:1.25.2 blueocean-github-pipeline:1.25.2 blueocean-i18n:1.25.2 blueocean-jwt:1.25.2 blueocean-personalization:1.25.2 blueocean-pipeline-api-impl:1.25.2 blueocean-pipeline-editor:1.25.2 blueocean-pipeline-scm-api:1.25.2 blueocean-rest:1.25.2 blueocean-rest-impl:1.25.2 blueocean-web:1.25.2 bootstrap4-api:4.6.0-3 bootstrap5-api:5.1.3-4 bouncycastle-api:2.25 branch-api:2.7.0 build-timeout:1.20 build-timestamp:1.0.3 caffeine-api:2.9.2-29.v717aac953ff3 checks-api:1.7.2 cloudbees-bitbucket-branch-source:751.vda_24678a_f781 cloudbees-folder:6.17 cobertura:1.17 code-coverage-api:2.0.4 command-launcher:1.6 conditional-buildstep:1.4.1 config-file-provider:3.8.2 configuration-as-code:1.55.1 credentials:1074.v60e6c29b_b_44b_ credentials-binding:1.27.1 data-tables-api:1.11.3-6 delivery-pipeline-plugin:1.4.2 deployit-plugin:10.0.6 display-url-api:2.3.5 docker-commons:1.18 docker-workflow:1.27 dtkit-api:3.0.0 durable-task:493.v195aefbb0ff2 echarts-api:5.2.2-2 email-ext:2.87 favorite:2.3.3 font-awesome-api:5.15.4-5 forensics-api:1.7.0 git:4.10.3 git-client:3.11.0 git-server:1.10 github:1.34.1 github-api:1.301-378.v9807bd746da5 github-branch-source:2.11.4 google-oauth-plugin:1.0.6 gradle:1.38 greenballs:1.15.1 groovy:2.4 handlebars:3.0.8 handy-uri-templates-2-api:2.1.8-1.0 hashicorp-vault-plugin:336.v182c0fbaaeb7 htmlpublisher:1.28 http_request:1.13 ivy:2.1 jackson2-api:2.13.1-246.va8a9f3eaf46a jacoco:3.3.1 javadoc:1.6 javax-activation-api:1.2.0-2 javax-mail-api:1.6.2-5 jaxb:2.3.0.1 jdk-tool:1.5 jenkins-design-language:1.25.2 jjwt-api:0.11.2-9.c8b45b8bb173 job-dsl:1.78.3 jquery:1.12.4-1 jquery3-api:3.6.0-2 jsch:0.1.55.2 junit:1.53 kubernetes:1.31.3 kubernetes-client-api:5.11.2-182.v0f1cf4c5904e kubernetes-credentials:0.9.0 lockable-resources:2.13 mailer:408.vd726a_1130320 matrix-auth:3.0 matrix-project:1.20 maven-plugin:3.16 mercurial:2.16 metrics:4.0.2.8.1 momentjs:1.1.1 oauth-credentials:0.5 okhttp-api:4.9.3-105.vb96869f8ac3a opentelemetry:0.21 pam-auth:1.6.1 parameterized-trigger:2.43 pipeline-build-step:2.15 pipeline-graph-analysis:188.v3a01e7973f2c pipeline-input-step:446.vf27b_0b_83500e pipeline-milestone-step:1.3.2 pipeline-model-api:1.9.3 pipeline-model-definition:1.9.3 pipeline-model-extensions:1.9.3 pipeline-rest-api:2.20 pipeline-stage-step:291.vf0a8a7aeeb50 pipeline-stage-tags-metadata:1.9.3 pipeline-stage-view:2.20 pipeline-utility-steps:2.12.0 plain-credentials:1.7 plugin-util-api:2.12.0 popper-api:1.16.1-2 popper2-api:2.11.2-1 prism-api:1.25.0-2 pubsub-light:1.16 resource-disposer:0.17 run-condition:1.5 scm-api:595.vd5a_df5eb_0e39 script-security:1131.v8b_b_5eda_c328e skip-notifications-trait:1.0.5 slack:2.49 snakeyaml-api:1.29.1 sse-gateway:1.24 ssh-credentials:1.19 ssh-slaves:1.33.0 sshd:3.1.0 startup-trigger-plugin:2.9.3 statistics-gatherer:2.0.3 structs:308.v852b473a2b8c thinBackup:1.10 timestamper:1.16 token-macro:267.vcdaea6462991 trilead-api:1.0.13 variant:1.4 warnings-ng:9.11.0 workflow-aggregator:2.6 workflow-api:1136.v7f5f1759dc16 workflow-basic-steps:2.24 workflow-cps:2648.va9433432b33c workflow-cps-global-lib:552.vd9cc05b8a2e1 workflow-durable-task-step:1121.va_65b_d2701486 workflow-job:1145.v7f2433caa07f workflow-multibranch:706.vd43c65dec013 workflow-scm-step:2.13 workflow-step-api:622.vb_8e7c15b_c95a_ workflow-support:813.vb_d7c3d2984a_0 ws-cleanup:0.40 xunit:3.0.5What Operating System are you using (both controller, and any agents involved in the problem)?
Image: jenkins/jenkins:lts
Reproduction steps
Expected Results
Working log in
Actual Results
Infinite loop of redirects to Azure authentication
Anything else?
Login is working with disabled sameSite cookie policy in Firefox