This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
"Requested operation has changed during the UI authentication session." shouldn't be raised if only the query string changes #7722
Labels
O-Uncommon
Most users are unlikely to come across this or unexpected workflow
S-Major
Major functionality / product severely impaired, no satisfactory workaround.
T-Defect
Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
z-auth
(Deprecated Label)
z-bug
(Deprecated Label)
z-p2
(Deprecated Label)
Comments
babolivier
changed the title
|
We also need to make sure that things like device IDs, etc. are not part of the query string, but part of the path. |
|
@babolivier Any idea how much of an impact this might have? |
|
I don't think this is impacting many clients - the main reason I found out about that is because the web version of Tchap has this issue (because of some code specific to Tchap, though, so not an issue with Riot web). |
reivilibre
added
S-Major
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
#7483 changed the condition under which the "Requested operation has changed during the UI authentication session." error raised so that it's only raised if the (method, uri) changes during UIA.
This means that if e.g. I initiate a registration with
POST /registerbut ends it withPOST /register?kind=user, which is the same operation, the registration fails.Ideally this condition should be changed to omit the query string from the uri, but we should first check if that doesn't introduce any issue (e.g. if the UIA operation is passed in the query string in some cases - which I don't think it is, but we should probably make sure of that).
The text was updated successfully, but these errors were encountered: