Vanwege onderhoudswerkzaamheden die uw ervaring zouden moeten verbeteren, heeft deze website beperkte functionaliteit. Als een artikel uw probleem niet verhelpt en u een vraag wilt stellen, kan onze ondersteuningsgemeenschap u helpen in @FirefoxSupport op Twitter en /r/firefox op Reddit.

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Firefox does not follow 302 redirect

  • 1 antwoord
  • 1 heeft dit probleem
  • 3 weergaven
  • Laatste antwoord van d3458739458

more options

Hi,

why does Firefox not follow a redirect response it gets from server a to go to a page on server b?

This happens when I use "oauth" to login with linkedin.com or xing.com. The login is reported successful with a 302 redirect response, but firefox does not follow to the location, to tell server that initiated the oauth process, that the login worked.

The old page of server a just stays there. When I copy the location from the 302 response into the address bar and hit return, then the oauth process finishes successfully.

Other 302 redirects are being followed normally... what's wrong with these ones?

Find attached the 302 request/responses.

Best regards


---Request to xing.com ------------------------------------------------------------

Request-Headers:


GET /v1/authorize?oauth_token=cd563afae9d33bfe249e HTTP/1.1 Host: api.xing.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://login.xing.com/continue?application_name=my.server.com&application_website=https%3A%2F%2Fmy.server.com%2F&dest_url=https%3A%2F%2Fapi.xing.com%2Fv1%2Flogin_successful%3Fattempt%3D0%26oauth_token%3Dcd563afae9d33bfe249e&locale=de&logged_out_sid=206d8b0888fb756b086495ead20f51a9&section=oauth&token_param=login_token Cookie: s_fid=49960A8B018821BB-398B08D9D9B76FBD; s_vi=[CS]v1|2B2054DE853121B7-6000010F2003EA74[CE]; c_=02ebe019e3f0a6b9fa4fec6affab748f; language=de; s_cc=true; s_sq=xingcomprod%3D%2526pid%253Dlogin_app%25252Flogin%25252Fcontinue%25252Foauth%2526pidt%253D1%2526oid%253DEinloggen%2526oidt%253D3%2526ot%253DSUBMIT; xws_login_session=BAhJIjg0MzA5NTY5LXI2OGkzMEsyM3lkMVN1NlpyQnFRTjdERWxMbjl3N0FLSWpwaHkxSE52V1EGOgZFVA%3D%3D--fe57839a71d31febffaf37dab2be492fabb654e0 Connection: keep-alive


Response-Headers:


HTTP/1.1 302 Found Date: Fri, 27 Nov 2015 14:37:30 GMT Server: Apache X-Frame-Options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff Cache-Control: no-cache X-Logjam-Request-Id: xws-production-b9293a6a6ac2463db1030db6e7ac5c15 X-Logjam-Request-Action: WebService::OauthController#authorize X-Request-Id: 67fa147e-7294-4191-bc3f-2cf49d90c1ba X-Runtime: 0.143464 X-Powered-By: Phusion Passenger 4.0.59 Location: https://my.server.com/de/social/endpoint?hauth.done=Xing&oauth_token=cd563afae9d33bfe249e&oauth_verifier=4548 Status: 302 Found Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 172 Keep-Alive: timeout=5, max=7 Connection: Keep-Alive Content-Type: text/html; charset=utf-8


---Request to linkedin.com ------------------------------------------------------------

Request-Headers:


GET /uas/oauth/authenticate?oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094 HTTP/1.1 Host: www.linkedin.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://my.server.com/de/signup/xing?nocache=1448635043297 Cookie: bcookie="v=2&92b47b8a-0682-4e3f-8061-fa7b6f410d77"; JSESSIONID="ajax:1143168962939487925"; visit="v=1&M"; bscookie="v=1&20151102162014d53740a0-0d42-4663-8cf6-240b92aa523aAQE8DJimFodXl_OnJdid8zRrTA5CiFuY"; sl="v=1&g7MEX"; liap=true; li_at=AQEDAQJ1gzEArpMIAAABUSQQFO4AAAFRSbUoik4ATC0ohYnUs9W_IXENGSoDLvcgk1ZE_mgXGsaofqivJsVvCbdyNsNfr_e5sHilhR7mVugLQO0SGOiXn8s_dFlLF_2TWKnsQfuBw0XHiit_Nazhj_eu; _lipt=0_9B8HHw-yxNPbmEFVn083VgpSs-SSN-uuW7qYOtB6TbPe78vj812wtnmyeYahtW7EHwUT2RyGtFNtQ1tVPjAmiMt9usy8sHthTODsEfmoAISfPYrYE99zOLPF6dKdBv7pI87by1Zj6LnySUyy46-oZxgaE0S9BcnTd_AD4cl38xcbBuMFrgQy1Vkn3mcK6h8TFUodD8B-m5CLnvo_wUov_PVrAbzBnDb4N43UN-4lchXLwWOWN3UVKpf1AQa96IXI5502rl1LPL3dTfDlpv48W7G1-8dAAHOly271_rcv_vs; _ga=GA1.2.481043914.1446481247; _cb_ls=1; _chartbeat2=D723u9zYa5kDq5R15.1447401965806.1447402241421.1; csrftoken=HC7JbZUuFdF78sZDYqLnvvOxlZmA8pFk; sessionid="eyJkamFuZ29fdGltZXpvbmUiOiJFdXJvcGUvQmVybGluIn0:1ZzgTY:c9tJUsZ6ALJHtQglA_8uHau5Tik"; __utma=226841088.481043914.1446481247.1448291617.1448291617.1; __utmz=226841088.1448291617.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=226841088.authorized; lidc="b=TB29:g=246:u=46:i=1448625460:t=1448711860:s=AQGneCiy2VOHWqS0lIRJShjDjmd5bR5I" Connection: keep-alive


Response-Headers:


HTTP/1.1 302 Found Server: Apache-Coyote/1.1 Location: https://my.server.com/de/social/endpoint?hauth.done=LinkedIn&oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094&oauth_verifier=95756 Content-Language: en-US Content-Encoding: gzip Vary: Accept-Encoding Date: Fri, 27 Nov 2015 14:39:43 GMT X-FS-UUID: e471085106961a14c0c013c9722b0000 x-content-type-options: nosniff X-Li-Fabric: prod-ltx1 Strict-Transport-Security: max-age=0 Set-Cookie: _lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ lang="v=2&lang=en-us"; Version=1; Domain=linkedin.com; Path=/ Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store Transfer-Encoding: chunked Connection: keep-alive X-Li-Pop: prod-tln1 X-LI-UUID: 5HEIUQaWGhTAwBPJcisAAA==

Hi, why does Firefox not follow a redirect response it gets from server a to go to a page on server b? This happens when I use "oauth" to login with linkedin.com or xing.com. The login is reported successful with a 302 redirect response, but firefox does not follow to the location, to tell server that initiated the oauth process, that the login worked. The old page of server a just stays there. When I copy the location from the 302 response into the address bar and hit return, then the oauth process finishes successfully. Other 302 redirects are being followed normally... what's wrong with these ones? Find attached the 302 request/responses. Best regards ---Request to xing.com ------------------------------------------------------------ Request-Headers: ------------------- GET /v1/authorize?oauth_token=cd563afae9d33bfe249e HTTP/1.1 Host: api.xing.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://login.xing.com/continue?application_name=my.server.com&application_website=https%3A%2F%2Fmy.server.com%2F&dest_url=https%3A%2F%2Fapi.xing.com%2Fv1%2Flogin_successful%3Fattempt%3D0%26oauth_token%3Dcd563afae9d33bfe249e&locale=de&logged_out_sid=206d8b0888fb756b086495ead20f51a9&section=oauth&token_param=login_token Cookie: s_fid=49960A8B018821BB-398B08D9D9B76FBD; s_vi=[CS]v1|2B2054DE853121B7-6000010F2003EA74[CE]; c_=02ebe019e3f0a6b9fa4fec6affab748f; language=de; s_cc=true; s_sq=xingcomprod%3D%2526pid%253Dlogin_app%25252Flogin%25252Fcontinue%25252Foauth%2526pidt%253D1%2526oid%253DEinloggen%2526oidt%253D3%2526ot%253DSUBMIT; xws_login_session=BAhJIjg0MzA5NTY5LXI2OGkzMEsyM3lkMVN1NlpyQnFRTjdERWxMbjl3N0FLSWpwaHkxSE52V1EGOgZFVA%3D%3D--fe57839a71d31febffaf37dab2be492fabb654e0 Connection: keep-alive Response-Headers: ----------------- HTTP/1.1 302 Found Date: Fri, 27 Nov 2015 14:37:30 GMT Server: Apache X-Frame-Options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff Cache-Control: no-cache X-Logjam-Request-Id: xws-production-b9293a6a6ac2463db1030db6e7ac5c15 X-Logjam-Request-Action: WebService::OauthController#authorize X-Request-Id: 67fa147e-7294-4191-bc3f-2cf49d90c1ba X-Runtime: 0.143464 X-Powered-By: Phusion Passenger 4.0.59 Location: https://my.server.com/de/social/endpoint?hauth.done=Xing&oauth_token=cd563afae9d33bfe249e&oauth_verifier=4548 Status: 302 Found Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 172 Keep-Alive: timeout=5, max=7 Connection: Keep-Alive Content-Type: text/html; charset=utf-8 ---Request to linkedin.com ------------------------------------------------------------ Request-Headers: ---------------- GET /uas/oauth/authenticate?oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094 HTTP/1.1 Host: www.linkedin.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://my.server.com/de/signup/xing?nocache=1448635043297 Cookie: bcookie="v=2&92b47b8a-0682-4e3f-8061-fa7b6f410d77"; JSESSIONID="ajax:1143168962939487925"; visit="v=1&M"; bscookie="v=1&20151102162014d53740a0-0d42-4663-8cf6-240b92aa523aAQE8DJimFodXl_OnJdid8zRrTA5CiFuY"; sl="v=1&g7MEX"; liap=true; li_at=AQEDAQJ1gzEArpMIAAABUSQQFO4AAAFRSbUoik4ATC0ohYnUs9W_IXENGSoDLvcgk1ZE_mgXGsaofqivJsVvCbdyNsNfr_e5sHilhR7mVugLQO0SGOiXn8s_dFlLF_2TWKnsQfuBw0XHiit_Nazhj_eu; _lipt=0_9B8HHw-yxNPbmEFVn083VgpSs-SSN-uuW7qYOtB6TbPe78vj812wtnmyeYahtW7EHwUT2RyGtFNtQ1tVPjAmiMt9usy8sHthTODsEfmoAISfPYrYE99zOLPF6dKdBv7pI87by1Zj6LnySUyy46-oZxgaE0S9BcnTd_AD4cl38xcbBuMFrgQy1Vkn3mcK6h8TFUodD8B-m5CLnvo_wUov_PVrAbzBnDb4N43UN-4lchXLwWOWN3UVKpf1AQa96IXI5502rl1LPL3dTfDlpv48W7G1-8dAAHOly271_rcv_vs; _ga=GA1.2.481043914.1446481247; _cb_ls=1; _chartbeat2=D723u9zYa5kDq5R15.1447401965806.1447402241421.1; csrftoken=HC7JbZUuFdF78sZDYqLnvvOxlZmA8pFk; sessionid="eyJkamFuZ29fdGltZXpvbmUiOiJFdXJvcGUvQmVybGluIn0:1ZzgTY:c9tJUsZ6ALJHtQglA_8uHau5Tik"; __utma=226841088.481043914.1446481247.1448291617.1448291617.1; __utmz=226841088.1448291617.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=226841088.authorized; lidc="b=TB29:g=246:u=46:i=1448625460:t=1448711860:s=AQGneCiy2VOHWqS0lIRJShjDjmd5bR5I" Connection: keep-alive Response-Headers: ----------------- HTTP/1.1 302 Found Server: Apache-Coyote/1.1 Location: https://my.server.com/de/social/endpoint?hauth.done=LinkedIn&oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094&oauth_verifier=95756 Content-Language: en-US Content-Encoding: gzip Vary: Accept-Encoding Date: Fri, 27 Nov 2015 14:39:43 GMT X-FS-UUID: e471085106961a14c0c013c9722b0000 x-content-type-options: nosniff X-Li-Fabric: prod-ltx1 Strict-Transport-Security: max-age=0 Set-Cookie: _lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ lang="v=2&lang=en-us"; Version=1; Domain=linkedin.com; Path=/ Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store Transfer-Encoding: chunked Connection: keep-alive X-Li-Pop: prod-tln1 X-LI-UUID: 5HEIUQaWGhTAwBPJcisAAA==

Alle antwoorden (1)

more options

PS: the same process works fine in Chrome