AngularJS with Satellizer fails when Google requests password #1116
Comments
|
I am also having this issue. I believe it's due to a Chrome 63 update. I'm still investigating |
|
@aplongh @trobbins1981 Have you solved this problem? |
|
We did confirm that the issue does not happen with Chrome 61. I debugged the satellizer code, and it appears to be an inconsistent security issue when trying to access document.domain to parse the url. The issue does not happen when we login with MS live, but does with Google. About 5% of the time for me, the issue did not happen, so I think it also points to a timing issue. I opened a bug on the Chromium bug tracker but their is no progress there yet. I was able to implement a work around by modifying satellizer to use postMessage instead of url parsing. I'm going to fork satellizer today to officially implement it |
|
Did this fix happen or not? Is it fixed by updating chrome? |
|
@trobbins1981 could you post where you modified the file. I'm running into the same issue sometimes and I would like to implement the fix action. |
|
The fork we made exists in our private repo, so I can't simply provide a link to it. Here is the satellizer.js after our changes though. We forked off of 0.9.4, so you can see what we changed by comparing their file to ours |
|
Unfortunately the issue still stands. I was forced to place a message, alerting users what to do in case Chrome asks for credentials (which is basically to close the popoup and then click on the "authenticate with Chrome" again). Good to know though there is a workaround, but it will require extensive QA to ensure that everything still works as expected. |
|
That file I sent shows you the changes I made. There is still work you have to do to fully implement it. For one, you'll have to build the .min file that is actually used. Also, you'l need to implement a postMessage handler in your code to read the 'code' value from the 'message' event. |
|
Thank you Tim, will give it a try ASAP. Just one question (and please excuse my ignorance). Does this change affect all providers (Office365, Twitter, Facebook, Azure AD, etc.), or just Google? |
|
We have only tried google and ms live, and only google had the issue |
|
@aplongh care to share your config for office365 in a new issue or comment reply :) |
Been using Satellizer for AngularJS for some time. Everything had gone well, except that for a random cause, a user had to clear the cache history in Chrome. All of a sudden, when authenticating with Satellizer, Chrome started to ask for the user password, which it did not do before the clearing of the cache history. Now Satellizer fails, as it does not close the authentication popup window and the site gets opened in the popup.
Has anyone experienced this before? Any ideas on how to solve it?
All the best, Ariel
The text was updated successfully, but these errors were encountered: