Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation says APIs return 302 but actually return 303 #1969

Closed
3 of 6 tasks
hi117 opened this issue Nov 20, 2021 · 1 comment
Closed
3 of 6 tasks

Documentation says APIs return 302 but actually return 303 #1969

hi117 opened this issue Nov 20, 2021 · 1 comment
Labels
bug Something is not working.

Comments

@hi117
Copy link

hi117 commented Nov 20, 2021

Preflight checklist

Describe the bug

API docs say APIs (ie /self-service/login/browser) return 302, actually return 303.

Reproducing the bug

Curl /self-service/login/browser

Relevant log output

curl -v 'http://127.0.0.1:4455/.ory/kratos/public/self-service/login/browser'                                     
*   Trying 127.0.0.1:4455...
* Connected to 127.0.0.1 (127.0.0.1) port 4455 (#0)
> GET /.ory/kratos/public/self-service/login/browser HTTP/1.1
> Host: 127.0.0.1:4455
> User-Agent: curl/7.79.1
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 303 See Other
< Cache-Control: private, no-cache, no-store, must-revalidate
< Content-Length: 101
< Content-Type: text/html; charset=utf-8
< Date: Sat, 20 Nov 2021 08:12:03 GMT
< Location: http://127.0.0.1:4455/auth/login?flow=6f6ff6bb-4df7-435a-ae53-55c3ec346447
< Set-Cookie: csrf_token_2d785ea2f6536900108362e9bfff73eef3a32be3921b3abc74b0a990093487c9=uN7r1lyekt86LsMfe8T9uMdSLNIaEs7ws4Ne/p6YU+I=; Path=/; Max-Age=31536000; HttpOnly; SameSite=Lax
< Vary: Origin
< Vary: Cookie
< 
<a href="http://127.0.0.1:4455/auth/login?flow=6f6ff6bb-4df7-435a-ae53-55c3ec346447">See Other</a>.

* Connection #0 to host 127.0.0.1 left intact
curl -v 'http://127.0.0.1:4434/version'
*   Trying 127.0.0.1:4434...
* Connected to 127.0.0.1 (127.0.0.1) port 4434 (#0)
> GET /version HTTP/1.1
> Host: 127.0.0.1:4434
> User-Agent: curl/7.79.1
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Date: Sat, 20 Nov 2021 08:12:58 GMT
< Content-Length: 29
< 
{"version":"v0.7.4-alpha.1"}
* Connection #0 to host 127.0.0.1 left intact



### Relevant configuration

_No response_

### Version

v0.7.4-alpha.1

### On which operating system are you observing this issue?

Linux

### In which environment are you deploying?

Docker Compose

### Additional Context

This is running behind oathkeeper, derived from oathkeeper quickstart included with kratos.
@hi117 hi117 added the bug Something is not working. label Nov 20, 2021
@aeneasr
Copy link
Member

aeneasr commented Nov 21, 2021

PRs to fix it welcomed welcomed :)

This was referenced Feb 11, 2022
Merged
Merged
aeneasr pushed a commit to ory/docs that referenced this issue Feb 16, 2022
@maurice-freitag
fix: use HTTP 303 instead of 302 for selfservice redirects (#598)
01bdcd9 
See ory/kratos#1969
peturgeorgievv pushed a commit to senteca/kratos-fork that referenced this issue Jun 30, 2023
@maurice-freitag
fix: use HTTP 303 instead of 302 for selfservice redirects (ory#2215)
6081dbf 
Closes ory#1969

Co-authored-by: Alano Terblanche <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something is not working.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hi117 @aeneasr