Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Login not working on Firefox 96.0.2 Windows 10 #184

Open
AdrianFarmadin opened this issue Jan 24, 2022 · 3 comments
Open

Login not working on Firefox 96.0.2 Windows 10 #184

AdrianFarmadin opened this issue Jan 24, 2022 · 3 comments
Labels
bug

Comments

@AdrianFarmadin
Copy link
Contributor

AdrianFarmadin commented Jan 24, 2022
edited by timja

Jenkins and plugins versions report

Environment

Jenkins: 2.319.2
OS: Linux - 5.11.0-43-generic

ace-editor:1.1
active-directory:2.25.1
analysis-model-api:10.9.1
ansicolor:1.0.1
ant:1.13
antisamy-markup-formatter:2.7
apache-httpcomponents-client-4-api:4.5.13-1.0
artifactory:3.15.2
authentication-tokens:1.4
authorize-project:1.4.0
azure-ad:189.v2da14dccdb43
azure-sdk:84.v53035e83f3c2
basic-branch-build-strategies:1.3.2
bitbucket:214.v2fd4234d0554
blueocean:1.25.2
blueocean-autofavorite:1.2.4
blueocean-bitbucket-pipeline:1.25.2
blueocean-commons:1.25.2
blueocean-config:1.25.2
blueocean-core-js:1.25.2
blueocean-dashboard:1.25.2
blueocean-display-url:2.4.1
blueocean-events:1.25.2
blueocean-git-pipeline:1.25.2
blueocean-github-pipeline:1.25.2
blueocean-i18n:1.25.2
blueocean-jwt:1.25.2
blueocean-personalization:1.25.2
blueocean-pipeline-api-impl:1.25.2
blueocean-pipeline-editor:1.25.2
blueocean-pipeline-scm-api:1.25.2
blueocean-rest:1.25.2
blueocean-rest-impl:1.25.2
blueocean-web:1.25.2
bootstrap4-api:4.6.0-3
bootstrap5-api:5.1.3-4
bouncycastle-api:2.25
branch-api:2.7.0
build-timeout:1.20
build-timestamp:1.0.3
caffeine-api:2.9.2-29.v717aac953ff3
checks-api:1.7.2
cloudbees-bitbucket-branch-source:751.vda_24678a_f781
cloudbees-folder:6.17
cobertura:1.17
code-coverage-api:2.0.4
command-launcher:1.6
conditional-buildstep:1.4.1
config-file-provider:3.8.2
configuration-as-code:1.55.1
credentials:1074.v60e6c29b_b_44b_
credentials-binding:1.27.1
data-tables-api:1.11.3-6
delivery-pipeline-plugin:1.4.2
deployit-plugin:10.0.6
display-url-api:2.3.5
docker-commons:1.18
docker-workflow:1.27
dtkit-api:3.0.0
durable-task:493.v195aefbb0ff2
echarts-api:5.2.2-2
email-ext:2.87
favorite:2.3.3
font-awesome-api:5.15.4-5
forensics-api:1.7.0
git:4.10.3
git-client:3.11.0
git-server:1.10
github:1.34.1
github-api:1.301-378.v9807bd746da5
github-branch-source:2.11.4
google-oauth-plugin:1.0.6
gradle:1.38
greenballs:1.15.1
groovy:2.4
handlebars:3.0.8
handy-uri-templates-2-api:2.1.8-1.0
hashicorp-vault-plugin:336.v182c0fbaaeb7
htmlpublisher:1.28
http_request:1.13
ivy:2.1
jackson2-api:2.13.1-246.va8a9f3eaf46a
jacoco:3.3.1
javadoc:1.6
javax-activation-api:1.2.0-2
javax-mail-api:1.6.2-5
jaxb:2.3.0.1
jdk-tool:1.5
jenkins-design-language:1.25.2
jjwt-api:0.11.2-9.c8b45b8bb173
job-dsl:1.78.3
jquery:1.12.4-1
jquery3-api:3.6.0-2
jsch:0.1.55.2
junit:1.53
kubernetes:1.31.3
kubernetes-client-api:5.11.2-182.v0f1cf4c5904e
kubernetes-credentials:0.9.0
lockable-resources:2.13
mailer:408.vd726a_1130320
matrix-auth:3.0
matrix-project:1.20
maven-plugin:3.16
mercurial:2.16
metrics:4.0.2.8.1
momentjs:1.1.1
oauth-credentials:0.5
okhttp-api:4.9.3-105.vb96869f8ac3a
opentelemetry:0.21
pam-auth:1.6.1
parameterized-trigger:2.43
pipeline-build-step:2.15
pipeline-graph-analysis:188.v3a01e7973f2c
pipeline-input-step:446.vf27b_0b_83500e
pipeline-milestone-step:1.3.2
pipeline-model-api:1.9.3
pipeline-model-definition:1.9.3
pipeline-model-extensions:1.9.3
pipeline-rest-api:2.20
pipeline-stage-step:291.vf0a8a7aeeb50
pipeline-stage-tags-metadata:1.9.3
pipeline-stage-view:2.20
pipeline-utility-steps:2.12.0
plain-credentials:1.7
plugin-util-api:2.12.0
popper-api:1.16.1-2
popper2-api:2.11.2-1
prism-api:1.25.0-2
pubsub-light:1.16
resource-disposer:0.17
run-condition:1.5
scm-api:595.vd5a_df5eb_0e39
script-security:1131.v8b_b_5eda_c328e
skip-notifications-trait:1.0.5
slack:2.49
snakeyaml-api:1.29.1
sse-gateway:1.24
ssh-credentials:1.19
ssh-slaves:1.33.0
sshd:3.1.0
startup-trigger-plugin:2.9.3
statistics-gatherer:2.0.3
structs:308.v852b473a2b8c
thinBackup:1.10
timestamper:1.16
token-macro:267.vcdaea6462991
trilead-api:1.0.13
variant:1.4
warnings-ng:9.11.0
workflow-aggregator:2.6
workflow-api:1136.v7f5f1759dc16
workflow-basic-steps:2.24
workflow-cps:2648.va9433432b33c
workflow-cps-global-lib:552.vd9cc05b8a2e1
workflow-durable-task-step:1121.va_65b_d2701486
workflow-job:1145.v7f2433caa07f
workflow-multibranch:706.vd43c65dec013
workflow-scm-step:2.13
workflow-step-api:622.vb_8e7c15b_c95a_
workflow-support:813.vb_d7c3d2984a_0
ws-cleanup:0.40
xunit:3.0.5

What Operating System are you using (both controller, and any agents involved in the problem)?

Image: jenkins/jenkins:lts

Reproduction steps

  1. Try to log in on Windows 10 with Firefox 96.0.2 and sameSite cookie policy enabled

Expected Results

Working log in

Actual Results

Infinite loop of redirects to Azure authentication

Anything else?

Login is working with disabled sameSite cookie policy in Firefox
@Seros
Copy link

Seros commented Jan 25, 2022

So that's because of network.cookie.sameSite.noneRequiresSecure: true in about:config?

@AdrianFarmadin
Copy link
Contributor Author

Yes, exactly.

@timja
Copy link
Member

timja commented Feb 1, 2022

Some info from Microsoft: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-handle-samesite-cookie-changes-chrome-browser

We shouldn't have any cookies that require cross domain, but I'll check this when I have time.

It works in Chrome's implementation of this just fine

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Seros @AdrianFarmadin @timja