[Webkit-unassigned] [Bug 188165] iOS 12 Safari breaks ASP.NET Core 2.1 OIDC authentication
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Oct 5 13:55:40 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=188165
--- Comment #19 from Lode Claassen <lodeclaassen at xs4all.nl> ---
Matt, thanks for my blind spot, I'll see if I can test that (will become next week).
Daniel, you can use the website I used although it is in Dutch.
- I've setup an account for you to use. You can go to https://decorrespondent.nl/account/wachtwoord-herstellen en fill in your email address. You'll then receive an email with a link to reset your password.
- The page asks for a new password. After that you're redirected to our logged-in homepage, noticeable by your name in the top right. Later, you can login (with a two-step process first email address then password) via https://decorrespondent.nl/inloggen.
- You should have a cookie called 'session' which has the SameSite attribute set to Lax.
- You can use the MailChimp link in the curl.log attachment, or you can make a bit.ly link to for example https://decorrespondent.nl/instellingen if you don't want to send your data to MailChimp :)
- When you open one of those pages you should see your name in the top right, and in a private window you shouldn't be able to access it and get redirected to the login page.
- When logged in to the website and using iOS 12 + Safari, you should be able to open the direct links, but the MailChimp/bit.ly redirect will show the login page.
Hope this is clear and can help debugging!
Otherwise I could setup a simple example case next week.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20181005/ace0fbe2/attachment.html>
More information about the webkit-unassigned
mailing list