spring-projects / spring-security

Spring Security
http://spring.io/projects/spring-security
Apache License 2.0

User is not redirected to initially requested page in IE11 #9016

Closed orange-buffalo closed 5 months ago

orange-buffalo commented 4 years ago

Describe the bug

User is not redirected to initially requested page in IE11.

To Reproduce

  1. Run application with WebFlux and HTTP security configured (for instance, the basic reproducer).
  2. Navigate to a non-root URL (e.g. http://mapped-host:8080/test). It is important to use the host name instead of an IP address or localhost to reproduce this issue (IE sends the Accept header inconsistently, see below for details).
     ER = AR: User is redirected to the authentication page (form login in this reproducer, OIDC IDP in our production scenario).
  3. Provide proper credentials (user / password in the reproducer) and execute the login.

ER: User is redirected to the initially requested page, i.e. http://mapped-host:8080/test

AR: User is redirected to the root page: http://mapped-host:8080

Sample

https://github.com/orange-buffalo/spring-security-saved-request-ie11-reproducer

Assessment

During the initial user request as described above, the following log output is observed:

2020-09-14 20:46:28.291 TRACE 102554 --- [or-http-epoll-2] o.s.w.s.adapter.HttpWebHandlerAdapter    : [5484bc0b-1] HTTP GET "/test", headers={masked}
2020-09-14 20:46:28.320 DEBUG 102554 --- [oundedElastic-1] o.s.w.s.s.DefaultWebSessionManager       : Created new WebSession.
2020-09-14 20:46:28.335 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : httpRequestMediaTypes=[image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, */*]
2020-09-14 20:46:28.335 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing image/jpeg
2020-09-14 20:46:28.335 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : text/html .isCompatibleWith image/jpeg = false
2020-09-14 20:46:28.335 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing application/x-ms-application
2020-09-14 20:46:28.335 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : text/html .isCompatibleWith application/x-ms-application = false
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing image/gif
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : text/html .isCompatibleWith image/gif = false
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing application/xaml+xml
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : text/html .isCompatibleWith application/xaml+xml = false
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing image/pjpeg
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : text/html .isCompatibleWith image/pjpeg = false
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing application/x-ms-xbap
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : text/html .isCompatibleWith application/x-ms-xbap = false
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing */*
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Ignoring
2020-09-14 20:46:28.336 DEBUG 102554 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Did not match any media types
2020-09-14 20:46:28.336 TRACE 102554 --- [oundedElastic-1] o.s.w.s.adapter.HttpWebHandlerAdapter    : [5484bc0b-1] Completed 302 FOUND, headers={masked}
2020-09-14 20:46:28.340 DEBUG 102554 --- [oundedElastic-1] o.s.w.s.s.DefaultWebSessionManager       : WebSession expired or has been invalidated
2020-09-14 20:46:28.344 TRACE 102554 --- [oundedElastic-1] o.s.h.s.r.ReactorHttpHandlerAdapter      : [5484bc0b-1] Handling completed

While for the initial request from a modern browser (or IE when IP address is used instead of a mapped host) the output is:

2020-09-15 08:12:32.143 TRACE 140123 --- [or-http-epoll-2] o.s.w.s.adapter.HttpWebHandlerAdapter    : [2602da88-1] HTTP GET "/test", headers={masked}
2020-09-15 08:12:32.172 DEBUG 140123 --- [oundedElastic-1] o.s.w.s.s.DefaultWebSessionManager       : Created new WebSession.
2020-09-15 08:12:32.186 DEBUG 140123 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : httpRequestMediaTypes=[text/html, application/xhtml+xml, */*]
2020-09-15 08:12:32.186 DEBUG 140123 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing text/html
2020-09-15 08:12:32.186 DEBUG 140123 --- [oundedElastic-1] .s.u.m.MediaTypeServerWebExchangeMatcher : text/html .isCompatibleWith text/html = true
2020-09-15 08:12:32.186 TRACE 140123 --- [oundedElastic-1] o.s.w.s.adapter.HttpWebHandlerAdapter    : [2602da88-1] Completed 302 FOUND, headers={masked}
2020-09-15 08:12:32.191 TRACE 140123 --- [oundedElastic-1] o.s.h.s.r.ReactorHttpHandlerAdapter      : [2602da88-1] Handling completed

It looks like the MediaTypeServerWebExchangeMatcher created by WebSessionServerRequestCache does not take into account the specific IE Accept header implementation: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, */*, and the initial request is never saved.

sjohnr commented 5 months ago

@orange-buffalo I am sorry this issue was not responded to. I came across it doing some cleanup in our issue tracker.

It does not appear anyone else was impacted by this issue as there have been no comments or upvotes for the time it has been open. My understanding is that IE11 is no longer supported, so I am going to close this issue as no longer valid. If you still have this issue, let me know and I'd be happy to help you with a workaround.
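
One possible way to get such requests saved, as an added example (not code from this thread or from the Spring Security project): a custom save-request matcher that keeps the text/html check with `*/*` ignored, as seen in the logs, and additionally accepts `application/x-ms-application` from the IE header quoted above. The class name, the GET and favicon restrictions, and the assumption that this media type only shows up on IE page navigations are choices made for this example.

```java
import java.util.Collections;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache;
import org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;

@Configuration
@EnableWebFluxSecurity
public class LegacyAcceptRequestCacheConfig { // hypothetical class name

    // Assumption: this type appears only in IE's navigation Accept header (see the first log above).
    private static final MediaType IE_NAVIGATION = MediaType.valueOf("application/x-ms-application");

    static ServerWebExchangeMatcher saveRequestMatcher() {
        ServerWebExchangeMatcher get = ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, "/**");
        ServerWebExchangeMatcher notFavicon = new NegatedServerWebExchangeMatcher(
                ServerWebExchangeMatchers.pathMatchers("/favicon.*"));
        // Matches when any Accept entry is compatible with text/html or the IE marker type.
        MediaTypeServerWebExchangeMatcher page =
                new MediaTypeServerWebExchangeMatcher(MediaType.TEXT_HTML, IE_NAVIGATION);
        // Keep */* ignored so clients sending only "Accept: */*" are still not saved.
        page.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
        return new AndServerWebExchangeMatcher(get, notFavicon, page);
    }

    @Bean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        // Session-backed cache that decides what to save with the matcher above.
        WebSessionServerRequestCache cache = new WebSessionServerRequestCache();
        cache.setSaveRequestMatcher(saveRequestMatcher());
        return http
                .authorizeExchange(exchanges -> exchanges.anyExchange().authenticated())
                .formLogin(Customizer.withDefaults())
                .requestCache(spec -> spec.requestCache(cache))
                .build();
    }
}
```

With DEBUG logging enabled for MediaTypeServerWebExchangeMatcher, a request carrying the IE header should now log a `= true` compatibility line instead of "Did not match any media types".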