isolation per domain and authentication on other domains

[siran]

My configuration opens different domains in temporary or permanent containers. Some websites use a third party domain to authenticate. If every domain is opening in a temporary container its impossible to authenticate using the other domain. What is the recommended solution for this?

For example, is it possible to enable opening 3rd party domains in the same temporary (or permanent) container temporarily?

[fishzle]

I'm having the same issue. Logging into services with different microsoft accounts, that whole "I'll redirect to a new domain to login, do some magic and then possibly redirect to another domain" is playing havoc.

This is what I've been doing:

1. go to the login page
2. turning the add-on off
3. doing the auth
4. let it redirect / reload this way and that way
5. re-enable add-on it once the target page is reached

I think the simplest fix is to change the toolbar-icon to have an enable/disable feature. No logic changes or mapping required, just manual activity.

[crssi]

See here https://github.com/stoically/temporary-containers/issues/140#issuecomment-445251189 and here https://github.com/stoically/temporary-containers/issues/140#issuecomment-445252896

It might answer your questions and fulfill your needs.

Cheers

[stoically]

Could either rely on mouse click only isolations, like suggested by @crssi (SSO auths are often triggered by JavaScript, which is why this works), or if you prefer the more strict navigation isolation, then it needs either temporarily disabling the isolation

• Keyboard shortcut Alt+i (must be enabled in the advanced preferences)
• Circle Icon in top nav in the popup (must be enabled in the general preferences)

or adding all URLs included in the SSO auth redirects to the appropriate "Isolation > Exclude Target Domains" preference (that can become tricky).

I don't think there's a way to handle/detect that fully automatically, but if someone has an idea, let me know! :)

[siran]

The Alt+i shortcut is awesome. Thanks!

[crssi]

I don't think there's a way to handle/detect that fully automatically, but if someone has an idea, let me know! :)

If I remember we had already one brainstorming about, but I do not remember the final findings/outcome... but I can be wrong.

The idea is to make and option to remember 1 previous domain and if returning to it it would not affect the container.

For example we set a rule to not change a container where destination URL match something like, for example, /login. At this rule we should have a check box to instruct the TC that when, after that, the destination changes back to previous domain, that is should not change the container.

If I haven't explain good, let me know, so I will rephrase it differently.

Cheers

[stoically]

@siran Glad it works for you!

@crssi Thanks for the suggestion! The challenge with that approach is that it's probably not possible to know whether an redirect will end up back at the same domain, so it would require allowing all navigations in the same container and then retroactively isolating them, which is not feasible I think.

[crssi]

^^ I think the same conclusion was the last time 😉

Cheers and thank you 🥰