vikejs / vike

🔨 Flexible, lean, community-driven, dependable, fast Vite-based frontend framework.
https://vike.dev
MIT License
4.46k stars 352 forks source link

Client Side Router - Security Error - Attempt to use `history.replaceState()` more than 100 times per 30 seconds #325

Closed pieperz closed 2 years ago

pieperz commented 2 years ago

I believe I'm seeing is an issue coming from client side routing. I have not been able to reproduce this locally, however I have many examples / traces of the error and its happening quite often in production.

This issue seems related https://github.com/brillout/vite-plugin-ssr/issues/46 I can confirm that 99% of people have been on an apple device. I have also seen the scroll restoration go back to an odd/incorrect location several times.

Some of our pages depend on query params and update them accordingly but to the best that I can tell it's unrelated to this problem.

Let me know what you think the next best steps are, I'm happy to let you see some of the error traces and show you what customers where doing. Sorry I have not been able to reproduce this locally or have a better handle on when/why this happens.

brillout commented 2 years ago

Let me think of a solution.

brillout commented 2 years ago

I have also seen the scroll restoration go back to an odd/incorrect location several times.

Can you elaborate on that?

pieperz commented 2 years ago

I have HotJar setup on the site recording sessions and I have seen a few places where navigation did not seem to go "back" to the correct spot. But again I have not seen it "live" with my own eyes just in HotJar recordings. There is 1 person on the team that has had it happen 1 time but never reproduced.

brillout commented 2 years ago

Did this happen on Safari? That would make sense since Safari may block the vite-plugin-ssr's scroll saving mechanism for up to 20 seconds.

pieperz commented 2 years ago

Here are the stats across all the errors I have. Screen Shot 2022-05-19 at 05 10 37

brillout commented 2 years ago

I have HotJar setup on the site recording sessions and I have seen a few places where navigation did not seem to go "back" to the correct spot.

Your screenshot doesn't confirm that though, right?

pieperz commented 2 years ago

Yes sorry, I wanted to really look in to it and do more testing.

I can confirm that I have had this happen in chrome on macOS but there was no error, so I'm not sure its related.

I have seen it happen on Android Phones as well in HotJar recording, but again I can't confirm seeing the error as well.

brillout commented 2 years ago

Security Error - Attempt to use history.replaceState() more than 100 times per 30 seconds

For this error, I've a fix in mind.

navigation did not seem to go "back" to the correct spot.

For this I need a reproduction I'm afraid.

pieperz commented 2 years ago

Security Error - Attempt to use history.replaceState() more than 100 times per 30 seconds

For this error, I've a fix in mind.

Perfect! let me know if you need anything from me.

navigation did not seem to go "back" to the correct spot.

For this I need a reproduction I'm afraid.

I will work on finding a smoking gun here.

brillout commented 2 years ago

👍 ETA for beginning to work on this being next week.

brillout commented 2 years ago

The Security Error - Attempt to use history.replaceState() more than 100 times per 30 seconds error should not occur anymore in 0.4.

As for wrong scroll restoration, I'll need a reproduction.

patryk-smc commented 2 years ago

I can confirm that is fixed in 0.4.0-beta.32. Thank you!