Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox(windows7) v26 not setting cookie in a 302 redirect, other browsers does

  • 5 replies
  • 12 have this problem
  • 2 views
  • Last reply by guigs

more options

I am using firefox v26 for windows. My os is windows7. I am using SAML security mechanism for my application, I am creating a cookie in sso web application as follows Cookie cookie = new Cookie(ACCESS_TOKEN, "accessToken"); cookie.setPath("/"); cookie.setDomain(".domain");

after creating cookie in sso I am redirecting to my application. Firefox is not setting this cookie, chrome, IE, safari are setting the cookie. sso and my application are hosted on different servers but ".domain" part is common to both dns.

I am using firefox v26 for windows. My os is windows7. I am using SAML security mechanism for my application, I am creating a cookie in sso web application as follows Cookie cookie = new Cookie(ACCESS_TOKEN, "accessToken"); cookie.setPath("/"); cookie.setDomain(".domain"); after creating cookie in sso I am redirecting to my application. Firefox is not setting this cookie, chrome, IE, safari are setting the cookie. sso and my application are hosted on different servers but ".domain" part is common to both dns.

All Replies (5)

more options

I don't have easy access to an ASP.Net server for testing. Does your Firefox work in an Apache/PHP scenario?

Here's the destination page: https://jeffersonscher.com/res/jstest.php

If you load that and reload it, you should see that there are no cookies in the HTTP Request headers.

If you use the redirector page to access the destination page, you now should see a cookie when you reach the destination page: https://jeffersonscher.com/res/redirme.php

Does it work?

more options

In case you have not confirmed, please open Firefox's web console (Ctrl+Shift+k) and open the redirect page again. Click the URL of the redirect page to confirm that Firefox is seeing the cookie as part of the response. (Screen shot example attached.)

more options

I can see cookie set in this case. Here destination page https://jeffersonscher.com/res/jstest.php and redirecting page https://jeffersonscher.com/res/redirme.php are of same domain jeffersonscher.com, but in my case its like below destination page : 'a.b.domain' redirecting page : 'x.y.domain'

I am creating a cookie in redirecting page as in my first post, I am using java/tomcat. In all other browsers cookie getting set but not in firefox.

more options

If you view the SET-COOKIE header in Fiddler or another proxy, can you confirm that you have the base domain set? For example, from this new page that redirects across subdomains on two different servers:

http://www.jeffersonscher.com/res/redir2.php

HTTP/1.1 302 Found
Date: Mon, 03 Feb 2014 03:28:42 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.3.24
Set-Cookie: redir2Cookie=OatmealRaisin; expires=Mon, 03-Feb-2014 03:38:42 GMT; path=/; domain=jeffersonscher.com
Location: http://dev.jeffersonscher.com/jstest.asp
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
more options

Yup, and to tell if it is a server or a browser issue the 302 error will say found or not found. It if is found then it redirected successfully in the browser. If it was not found there is not response or it is a redirect loop.

I do not know if this is a browser or server issue, but to tell the information will be in the response cookie.

Please check the cookie to make sure the Location is set in the redirect loop. What version of open SAML are you using?