Comments (9)
Interesting question and I must admit I haven't had this problem before. However I don't believe that this is a browser issue, but an issue with your domain2.com
. It seems like this domain doesn't allow it's contents to be loaded in an iframe which has a different domain than domain2.com
.
So given the situation: your app hosted on donain1.com
, the OIDC provider on domain2.com
with X-Frame-Options
set to SAMEORIGIN
. When silent renew occurs, domain2.com
refuses this with the error message you've described. Source: StackOverflow.
I don't know whether you have control over what domain2.com
does. If you do, you can change the options there, but if you don't I'm afraid there is not much you can do to make silent renew work - at least not in an iframe. There is however an option in oidc-client-js
which is called signinPopupCallback
. A popup should not be limited in the way the iframe is. I haven't yet used it myself, but you can check out the wiki at oidc-client to see if this helps you. If you look at the code for processSilentRenew()
(code) you can see that you just have to replace one method call in your silent_renew.html
file to make this work.
Hope this helps. Good luck!
from redux-oidc.
from redux-oidc.
No problem. Have a closer look at the SO link I've provided. It shows that the option is sent via a HTTP response header. I'm sure there must be a simple way to fix this on domain2.com
- maybe even simpler than changing the renew mechanism to a popup, which in itself can cause problems with popup blockers.
from redux-oidc.
from redux-oidc.
This may be true for ALLOW-FROM
but the post also suggests removing this response header entirely. Is that not an option?
from redux-oidc.
from redux-oidc.
Were you able to solve this?
from redux-oidc.
Hi @maxmantz I've just looked at removing the response header entirely and it works. So that is definitely a potential option. Thanks a million for your help! You can close this issue if you like now.
from redux-oidc.
Happy to help!
from redux-oidc.
Related Issues (20)
- LOADING_USER called multiple times from my reducers
- User signed out when calling silent renew HOT 1
- access_token is undefined in user object HOT 1
- user State is not getting maintained between browser tabs HOT 2
- Error when automatically trying to reauthenticate HOT 1
- Using the library with authorization code + PKCE HOT 1
- How to store the auth token in a cookie called 'token'? HOT 1
- Passing runtime configuration to UserManager HOT 1
- On redirect, LOADING_USER and USER_EXPIRED fires just before USER_FOUND HOT 1
- errorCallback called right after successCallback in Google Chrome and Edge HOT 5
- Redux state changed to Loading_user , User_Expired, User_found HOT 1
- Update UserManager authority after creation? HOT 1
- Google OAuth: Refresh token not present in token response HOT 7
- Passing state from signinRedirect to successCallback
- Manually update the oidcUser object with extra info
- Multiple-Apps-And-One-IdentityServer
- React js version 18 typescripts issue HOT 4
- Switch oidc-client to oidc-client-ts HOT 1
- redux-oidc(4.0.0-beta1) onSuccessCallback - redirect is not working HOT 1
- Support for React 18? HOT 17
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from redux-oidc.