Este site irá ter funcionalidade limitada enquanto fazemos manutenção para melhorar a sua experiência. Se um artigo não resolve o seu problema e quiser colocar uma questão, temos a nossa comunidade de apoio à espera de o ajudar em @FirefoxSupport no Twitter, /r/firefox no Reddit.

Pesquisar no apoio

Evite burlas no apoio. Nunca iremos solicitar que telefone ou envie uma mensagem de texto para um número de telefone ou que partilhe informações pessoais. Por favor, reporte atividades suspeitas utilizando a opção "Reportar abuso".

Saber mais

Firefox does not follow 302 redirect

  • 1 resposta
  • 1 tem este problema
  • 12 visualizações
  • Última resposta por d3458739458

more options

Hi,

why does Firefox not follow a redirect response it gets from server a to go to a page on server b?

This happens when I use "oauth" to login with linkedin.com or xing.com. The login is reported successful with a 302 redirect response, but firefox does not follow to the location, to tell server that initiated the oauth process, that the login worked.

The old page of server a just stays there. When I copy the location from the 302 response into the address bar and hit return, then the oauth process finishes successfully.

Other 302 redirects are being followed normally... what's wrong with these ones?

Find attached the 302 request/responses.

Best regards


---Request to xing.com ------------------------------------------------------------

Request-Headers:


GET /v1/authorize?oauth_token=cd563afae9d33bfe249e HTTP/1.1 Host: api.xing.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://login.xing.com/continue?application_name=my.server.com&application_website=https%3A%2F%2Fmy.server.com%2F&dest_url=https%3A%2F%2Fapi.xing.com%2Fv1%2Flogin_successful%3Fattempt%3D0%26oauth_token%3Dcd563afae9d33bfe249e&locale=de&logged_out_sid=206d8b0888fb756b086495ead20f51a9&section=oauth&token_param=login_token Cookie: s_fid=49960A8B018821BB-398B08D9D9B76FBD; s_vi=[CS]v1|2B2054DE853121B7-6000010F2003EA74[CE]; c_=02ebe019e3f0a6b9fa4fec6affab748f; language=de; s_cc=true; s_sq=xingcomprod%3D%2526pid%253Dlogin_app%25252Flogin%25252Fcontinue%25252Foauth%2526pidt%253D1%2526oid%253DEinloggen%2526oidt%253D3%2526ot%253DSUBMIT; xws_login_session=BAhJIjg0MzA5NTY5LXI2OGkzMEsyM3lkMVN1NlpyQnFRTjdERWxMbjl3N0FLSWpwaHkxSE52V1EGOgZFVA%3D%3D--fe57839a71d31febffaf37dab2be492fabb654e0 Connection: keep-alive


Response-Headers:


HTTP/1.1 302 Found Date: Fri, 27 Nov 2015 14:37:30 GMT Server: Apache X-Frame-Options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff Cache-Control: no-cache X-Logjam-Request-Id: xws-production-b9293a6a6ac2463db1030db6e7ac5c15 X-Logjam-Request-Action: WebService::OauthController#authorize X-Request-Id: 67fa147e-7294-4191-bc3f-2cf49d90c1ba X-Runtime: 0.143464 X-Powered-By: Phusion Passenger 4.0.59 Location: https://my.server.com/de/social/endpoint?hauth.done=Xing&oauth_token=cd563afae9d33bfe249e&oauth_verifier=4548 Status: 302 Found Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 172 Keep-Alive: timeout=5, max=7 Connection: Keep-Alive Content-Type: text/html; charset=utf-8


---Request to linkedin.com ------------------------------------------------------------

Request-Headers:


GET /uas/oauth/authenticate?oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094 HTTP/1.1 Host: www.linkedin.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://my.server.com/de/signup/xing?nocache=1448635043297 Cookie: bcookie="v=2&92b47b8a-0682-4e3f-8061-fa7b6f410d77"; JSESSIONID="ajax:1143168962939487925"; visit="v=1&M"; bscookie="v=1&20151102162014d53740a0-0d42-4663-8cf6-240b92aa523aAQE8DJimFodXl_OnJdid8zRrTA5CiFuY"; sl="v=1&g7MEX"; liap=true; li_at=AQEDAQJ1gzEArpMIAAABUSQQFO4AAAFRSbUoik4ATC0ohYnUs9W_IXENGSoDLvcgk1ZE_mgXGsaofqivJsVvCbdyNsNfr_e5sHilhR7mVugLQO0SGOiXn8s_dFlLF_2TWKnsQfuBw0XHiit_Nazhj_eu; _lipt=0_9B8HHw-yxNPbmEFVn083VgpSs-SSN-uuW7qYOtB6TbPe78vj812wtnmyeYahtW7EHwUT2RyGtFNtQ1tVPjAmiMt9usy8sHthTODsEfmoAISfPYrYE99zOLPF6dKdBv7pI87by1Zj6LnySUyy46-oZxgaE0S9BcnTd_AD4cl38xcbBuMFrgQy1Vkn3mcK6h8TFUodD8B-m5CLnvo_wUov_PVrAbzBnDb4N43UN-4lchXLwWOWN3UVKpf1AQa96IXI5502rl1LPL3dTfDlpv48W7G1-8dAAHOly271_rcv_vs; _ga=GA1.2.481043914.1446481247; _cb_ls=1; _chartbeat2=D723u9zYa5kDq5R15.1447401965806.1447402241421.1; csrftoken=HC7JbZUuFdF78sZDYqLnvvOxlZmA8pFk; sessionid="eyJkamFuZ29fdGltZXpvbmUiOiJFdXJvcGUvQmVybGluIn0:1ZzgTY:c9tJUsZ6ALJHtQglA_8uHau5Tik"; __utma=226841088.481043914.1446481247.1448291617.1448291617.1; __utmz=226841088.1448291617.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=226841088.authorized; lidc="b=TB29:g=246:u=46:i=1448625460:t=1448711860:s=AQGneCiy2VOHWqS0lIRJShjDjmd5bR5I" Connection: keep-alive


Response-Headers:


HTTP/1.1 302 Found Server: Apache-Coyote/1.1 Location: https://my.server.com/de/social/endpoint?hauth.done=LinkedIn&oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094&oauth_verifier=95756 Content-Language: en-US Content-Encoding: gzip Vary: Accept-Encoding Date: Fri, 27 Nov 2015 14:39:43 GMT X-FS-UUID: e471085106961a14c0c013c9722b0000 x-content-type-options: nosniff X-Li-Fabric: prod-ltx1 Strict-Transport-Security: max-age=0 Set-Cookie: _lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ lang="v=2&lang=en-us"; Version=1; Domain=linkedin.com; Path=/ Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store Transfer-Encoding: chunked Connection: keep-alive X-Li-Pop: prod-tln1 X-LI-UUID: 5HEIUQaWGhTAwBPJcisAAA==

Hi, why does Firefox not follow a redirect response it gets from server a to go to a page on server b? This happens when I use "oauth" to login with linkedin.com or xing.com. The login is reported successful with a 302 redirect response, but firefox does not follow to the location, to tell server that initiated the oauth process, that the login worked. The old page of server a just stays there. When I copy the location from the 302 response into the address bar and hit return, then the oauth process finishes successfully. Other 302 redirects are being followed normally... what's wrong with these ones? Find attached the 302 request/responses. Best regards ---Request to xing.com ------------------------------------------------------------ Request-Headers: ------------------- GET /v1/authorize?oauth_token=cd563afae9d33bfe249e HTTP/1.1 Host: api.xing.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://login.xing.com/continue?application_name=my.server.com&application_website=https%3A%2F%2Fmy.server.com%2F&dest_url=https%3A%2F%2Fapi.xing.com%2Fv1%2Flogin_successful%3Fattempt%3D0%26oauth_token%3Dcd563afae9d33bfe249e&locale=de&logged_out_sid=206d8b0888fb756b086495ead20f51a9&section=oauth&token_param=login_token Cookie: s_fid=49960A8B018821BB-398B08D9D9B76FBD; s_vi=[CS]v1|2B2054DE853121B7-6000010F2003EA74[CE]; c_=02ebe019e3f0a6b9fa4fec6affab748f; language=de; s_cc=true; s_sq=xingcomprod%3D%2526pid%253Dlogin_app%25252Flogin%25252Fcontinue%25252Foauth%2526pidt%253D1%2526oid%253DEinloggen%2526oidt%253D3%2526ot%253DSUBMIT; xws_login_session=BAhJIjg0MzA5NTY5LXI2OGkzMEsyM3lkMVN1NlpyQnFRTjdERWxMbjl3N0FLSWpwaHkxSE52V1EGOgZFVA%3D%3D--fe57839a71d31febffaf37dab2be492fabb654e0 Connection: keep-alive Response-Headers: ----------------- HTTP/1.1 302 Found Date: Fri, 27 Nov 2015 14:37:30 GMT Server: Apache X-Frame-Options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff Cache-Control: no-cache X-Logjam-Request-Id: xws-production-b9293a6a6ac2463db1030db6e7ac5c15 X-Logjam-Request-Action: WebService::OauthController#authorize X-Request-Id: 67fa147e-7294-4191-bc3f-2cf49d90c1ba X-Runtime: 0.143464 X-Powered-By: Phusion Passenger 4.0.59 Location: https://my.server.com/de/social/endpoint?hauth.done=Xing&oauth_token=cd563afae9d33bfe249e&oauth_verifier=4548 Status: 302 Found Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 172 Keep-Alive: timeout=5, max=7 Connection: Keep-Alive Content-Type: text/html; charset=utf-8 ---Request to linkedin.com ------------------------------------------------------------ Request-Headers: ---------------- GET /uas/oauth/authenticate?oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094 HTTP/1.1 Host: www.linkedin.com User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-CH,en-GB;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Referer: https://my.server.com/de/signup/xing?nocache=1448635043297 Cookie: bcookie="v=2&92b47b8a-0682-4e3f-8061-fa7b6f410d77"; JSESSIONID="ajax:1143168962939487925"; visit="v=1&M"; bscookie="v=1&20151102162014d53740a0-0d42-4663-8cf6-240b92aa523aAQE8DJimFodXl_OnJdid8zRrTA5CiFuY"; sl="v=1&g7MEX"; liap=true; li_at=AQEDAQJ1gzEArpMIAAABUSQQFO4AAAFRSbUoik4ATC0ohYnUs9W_IXENGSoDLvcgk1ZE_mgXGsaofqivJsVvCbdyNsNfr_e5sHilhR7mVugLQO0SGOiXn8s_dFlLF_2TWKnsQfuBw0XHiit_Nazhj_eu; _lipt=0_9B8HHw-yxNPbmEFVn083VgpSs-SSN-uuW7qYOtB6TbPe78vj812wtnmyeYahtW7EHwUT2RyGtFNtQ1tVPjAmiMt9usy8sHthTODsEfmoAISfPYrYE99zOLPF6dKdBv7pI87by1Zj6LnySUyy46-oZxgaE0S9BcnTd_AD4cl38xcbBuMFrgQy1Vkn3mcK6h8TFUodD8B-m5CLnvo_wUov_PVrAbzBnDb4N43UN-4lchXLwWOWN3UVKpf1AQa96IXI5502rl1LPL3dTfDlpv48W7G1-8dAAHOly271_rcv_vs; _ga=GA1.2.481043914.1446481247; _cb_ls=1; _chartbeat2=D723u9zYa5kDq5R15.1447401965806.1447402241421.1; csrftoken=HC7JbZUuFdF78sZDYqLnvvOxlZmA8pFk; sessionid="eyJkamFuZ29fdGltZXpvbmUiOiJFdXJvcGUvQmVybGluIn0:1ZzgTY:c9tJUsZ6ALJHtQglA_8uHau5Tik"; __utma=226841088.481043914.1446481247.1448291617.1448291617.1; __utmz=226841088.1448291617.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=226841088.authorized; lidc="b=TB29:g=246:u=46:i=1448625460:t=1448711860:s=AQGneCiy2VOHWqS0lIRJShjDjmd5bR5I" Connection: keep-alive Response-Headers: ----------------- HTTP/1.1 302 Found Server: Apache-Coyote/1.1 Location: https://my.server.com/de/social/endpoint?hauth.done=LinkedIn&oauth_token=78--65d791f2-16ac-403b-a227-e2425cf04094&oauth_verifier=95756 Content-Language: en-US Content-Encoding: gzip Vary: Accept-Encoding Date: Fri, 27 Nov 2015 14:39:43 GMT X-FS-UUID: e471085106961a14c0c013c9722b0000 x-content-type-options: nosniff X-Li-Fabric: prod-ltx1 Strict-Transport-Security: max-age=0 Set-Cookie: _lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ lang="v=2&lang=en-us"; Version=1; Domain=linkedin.com; Path=/ Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store Transfer-Encoding: chunked Connection: keep-alive X-Li-Pop: prod-tln1 X-LI-UUID: 5HEIUQaWGhTAwBPJcisAAA==

Todas as respostas (1)

more options

PS: the same process works fine in Chrome