Comment 1 for bug 1272223
Revision history for this message
| Simon Davy (bloodearnest) wrote Re: [Bug 1272223] [NEW] 2fa prompt on multiple tabs opens incorrect urls | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
On Fri, Jan 24, 2014 at 9:07 AM, Alan Pope ㋛ <email address hidden> wrote:
> Public bug reported:
>
> I have a chromium profile just for work. I only login to my canonical
> sites in that profile, and at the end of the working day I close that
> browser, remembering all my tabs so I can carry on where I left off the
> next day.
I do the same, and suffer similarly, except I use ff for work. I have
about ~10 pinned tabs, and they all hit 2fa on restart
> On more than one occasion now I've been prompted to fill in my 2fa code
> when I start the browser in the morning. Not just once though, in every
> single tab - as most tabs will contain a document / spreadsheet / email
> etc that I'm working on.
>
> Two problems exist here:-
>
> 1. I have to enter a 2fa code in every single one, because they've all re-directed and have lost the original url
So, this is result of the combination of using OpenID and having 2fa
authenticated for a limited time. With just password login, which is
valid for a lot longer, this is not a problem (unless you logged
out/deleted cookie - then you'd have the same issue).
To my mind there's not an obvious solution. We use OpenID, which does
these redirects, and we need to have 2fa on a shorter timeout,
otherwise it's kinda pointless.
One thing we could maybe do to mitigate this add a link on the 2fa
page to take you back to the OpenID referrer url you came from,
perhaps. If you have logged in in another tab, then this is a simple
way to get back.
My workaround is that I 2fa in one tab, then hit the back button drop
down menu on other tabs go back a few redirects o the actual url I
wanted. Still a pain though.
Other workarounds include not closing you browser as often (I usually
only do it 1-2 times per week). But that sucks.
Another includes using firefox (and maybe chrome, not sure) and *not*
having pinned tabs. That means tabs are lazily loaded when you switch
to them for the first time in a session, so you can log in on one, and
when you visit the others, you'll be 2fa'ed and there'll be no
problems.
> 2. After I enter the 2fa code in one, it takes me to a different page than was originally in that tab.
Every time? Or just for some sites?
Hmm, this could be a bug in SSO, but is more likely an issue with the
site using SSO not sending the correct return url to SSO in this
situation.