Problem Closed
This particular user had turned off third-party cookies in two of his browsers, and the testing was being done on a page which was embedded in an iframe.
We have a number of sites that use 303 redirects to share identity across them.
You GET a Page 1 on site A with a blank cache - you get a 303 to a sync page on site B.
You GET the sync page on Site B - it sets a cookie and redirects (303).
You GET a sync page on Site A - the cookie value is also in the URL.
Site A unpacks the cookie from the URL - it sets it on itself and then 303's you back to GET your original page.
You should have two identical cookies set for Site A and Site B with a long lifetime and the root path.
Sometimes, for some users, it goes into an infinite redirect. The cookie that is set by Site B for the final redirect isn't sent back when the browser processes the last redirect.
What can be causing this?
- incorrect setting of cookies?
- browser settings?
How can I debug it? It is a real intermittent problem in production that I can't reproduce in dev.
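The redirect chain and the closing note above (third-party cookies turned off, page embedded in an iframe), modelled as an added example that is not part of the original post. The host names, the `id` cookie name and the simplified same-host test for "third-party" are assumptions.

```python
# Constructed model of the sync flow; hosts, cookie name and identity value are placeholders.
SITE_A, SITE_B = "a.example", "b.example"

def server(host, path, query, cookies):
    """Return (status, location, set_cookie) for one request in the sync flow."""
    if host == SITE_A and path == "/page1":
        if "id" in cookies:
            return 200, None, None                      # identity present: serve the page
        return 303, (SITE_B, "/sync", {}), None         # no cookie: start the sync
    if host == SITE_B and path == "/sync":
        ident = cookies.get("id", "u-123")              # constructed identity value
        return 303, (SITE_A, "/sync", {"id": ident}), ("id", ident)
    if host == SITE_A and path == "/sync":
        # Site A unpacks the value from the URL and sets it on itself.
        return 303, (SITE_A, "/page1", {}), ("id", query["id"])
    return 404, None, None

def browse(top_level_site, block_third_party, max_hops=10):
    """Follow redirects like a browser; return (outcome, visited URLs).

    top_level_site=None models a normal top-level navigation, where every hop
    is first-party. Otherwise the flow runs inside an iframe on that site.
    """
    jar = {}                                            # host -> {name: value}
    host, path, query = SITE_A, "/page1", {}
    trail = []
    for _ in range(max_hops):
        trail.append(f"{host}{path}")
        # Simplification: a framed host that differs from the top-level host is third-party.
        third_party = top_level_site is not None and host != top_level_site
        cookies_usable = not (third_party and block_third_party)
        sent = jar.get(host, {}) if cookies_usable else {}
        status, location, set_cookie = server(host, path, query, sent)
        if set_cookie and cookies_usable:               # blocked Set-Cookie is silently dropped
            jar.setdefault(host, {})[set_cookie[0]] = set_cookie[1]
        if status != 303:
            return ("ok" if status == 200 else "error"), trail
        host, path, query = location
    return "redirect-loop", trail

if __name__ == "__main__":
    for top, block in [(None, True), ("portal.example", False), ("portal.example", True)]:
        print(top, block, *browse(top, block))
```

Only the combination of an embedding page and blocked third-party cookies loops, which is why the same account can work in one browser or context and fail in another. A hop limit like `max_hops` on the server side turns the loop into a loggable event.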