Infinite redirects in Firefox

I am using Auth0 to integrate Python Dash applications with Auth0. I am using this wrapping:

dbrambilla13/dash-auth0-auth (github.com)

My app is deployed in AWS ECS behind an ALB and I’m using CloudFlare as the DNS provider. All this works perfectly for most users in Chrome and Edge, but some users are experiencing problems. I’m only able to reproduce in Firefox, so I’m looking there at the moment.

When I first visit the page, I’m asked to log in (via an Azure AD integration) and then it redirects and bounces back and forth a few times before complaining like this:

Here is the network log:

I’ve blanked out my domain - I hope this isn’t necessary to debug the problem. You can see that from my page there is a redirect to my auth0 domain (dev-ep515…) with response_type=code and this sends back to callback (on HTTP), which itself redirects to the equivalent on HTTPS and this bounces back to my auth0 domain forever. It does look as if between HTTP and HTTPS the “callback” part of the URL has been stripped - is this needed?

After some Googling, I did find a suggestion to set “Always use private browsing mode” in the history section of Firefox’s Privacy and Security settings and that fixes the problem. Now it looks like this:

but I’m not sure this explains why some users are experiencing problems with Edge and Chrome. I guess there could be a problem with dash-auth0-auth but I’d appreciate any pointers on where to look.

Hey there!

Unfortunately it will be hard for us to advise on here, as you are using a wrapper that is not officially developed by Auth0, but maybe someone else from the community will be able to help!

OK, I fixed this. I’m really not sure why it was only broken on Firefox, but I’ll document what I did here in case it helps somebody else.

The problem was in the redirect step. My Dash app was hosted on AWS ECS behind an ALB with TLS (https) enabled. I noticed that the redirect requested by my app was to http and not https - the redirect settings in Auth0 were also using http. I had a listener rule set on my ALB redirecting http back to https but that didn’t seem to work on Firefox.

To fix the problem, I used the wsgi Proxy fix documented here:

X-Forwarded-For Proxy Fix — Werkzeug Documentation (0.16.x) (palletsprojects.com)

Once I wrapped my Dash app with this:

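```python
from dash import Dash
from werkzeug.middleware.proxy_fix import ProxyFix
app = Dash("my_app")
app.server.wsgi_app = ProxyFix(app.server.wsgi_app, x_for=1, x_host=1)  # trust one proxy hop (the ALB)
```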

it properly redirected to https. I had to change my Auth0 redirect configuration to also use https, but that seems like the right choice. After that, the infinite redirect stopped.

1 Like
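An added illustration of the fix described in the post above, not code from the thread or from dash-auth0-auth: it shows why an app behind a TLS-terminating load balancer builds an `http://` callback URL, and how trusting `X-Forwarded-Proto` from a fixed number of proxy hops corrects it. `TrustForwardedProto` is a hypothetical standard-library stand-in for the part of Werkzeug's ProxyFix that reads that header, and `app.example.test` is a constructed host.

```python
# Added example: scheme detection behind a TLS-terminating proxy (names are hypothetical).
from wsgiref.util import application_uri, setup_testing_defaults


def callback_url(environ):
    """Build the OAuth redirect_uri from the request scheme, as a WSGI app does."""
    return application_uri(environ).rstrip("/") + "/callback"


class TrustForwardedProto:
    """Stand-in for ProxyFix's X-Forwarded-Proto handling (not Werkzeug's code)."""

    def __init__(self, app, trusted_hops=1):
        self.app = app
        self.trusted_hops = trusted_hops

    def __call__(self, environ, start_response):
        raw = environ.get("HTTP_X_FORWARDED_PROTO", "")
        values = [v.strip() for v in raw.split(",") if v.strip()]
        # Only the last `trusted_hops` entries were appended by our own proxies;
        # anything further left may have been supplied by the client.
        if self.trusted_hops and len(values) >= self.trusted_hops:
            proto = values[-self.trusted_hops].lower()
            if proto in ("http", "https"):
                environ["wsgi.url_scheme"] = proto
        return self.app(environ, start_response)


def app(environ, start_response):
    """Toy app that returns the callback URL it would send to the identity provider."""
    body = callback_url(environ).encode()
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [body]


def request_via_alb(wsgi_app, forwarded_proto="https"):
    """Simulate the load balancer forwarding a browser's HTTPS request over plain HTTP."""
    environ = {}
    setup_testing_defaults(environ)
    environ.update({"HTTP_HOST": "app.example.test", "wsgi.url_scheme": "http",
                    "HTTP_X_FORWARDED_PROTO": forwarded_proto})
    return b"".join(wsgi_app(environ, lambda status, headers: None)).decode()


if __name__ == "__main__":
    print("unwrapped:", request_via_alb(app))
    print("wrapped:  ", request_via_alb(TrustForwardedProto(app)))
```

The hop count should match the number of proxies that actually sit in front of the app; with no proxy in front, the header is entirely client-controlled and should not be trusted.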

Perfect! Thanks for sharing it with the rest of the community!
