Open viorelaioia-zz opened 6 years ago
This was fixed by not showing nlx in history when clicking an app from the dashboard. This is working for most RPs, but there are still RPs that have the back button active, and clicking it returns an error page:
These are all SAML apps. I don't think that this is fixable for these properties.
We could handle the back button redirect in the SSO dashboard by forcing the user to stay on the page with the regular warning of a modified page, so that they click the button instead of hitting back.
Otherwise, this should be an Auth0 ticket so that they redirect (see https://community.auth0.com/t/error-when-hitting-back-button-from-sso-and-trying-to-login-via-email-password/11572).
Another thing that's possible, which I tested in dev, is to change the error page to a specific URL such as https://sso.mozilla.com
However, this option has zero data on the error, and no actual code or JS running on an Auth0 page (it's purely a 302), so all we can do is have some kind of /error-signing type route which just says "Hey you could not sign in because you used the browser back button, please try to login again" (not great, but maybe better?)
In the SSO dashboard, when clicking on an app, a new tab is opened and the user is first redirected to nlx (which does the auto login), then to the RP. So in the new tab we have a Back because nlx is in the history. When clicking the Back button, an error page is shown when going back to nlx (different error pages for different RPs - see the screenshots below for mozillians and phonebook). I believe this is not a good UX. We should maybe change the message that is shown when the user clicks the Back button.