I am using angular-oidc-auth2 v9.0.3 to request token renewal by silent refresh. I am using implicit flow. it was working good until google chrome updated version to 85. I have observed the request and found that Google chrome used to have Referrer Policy: no-referrer-when-downgrade before and all was good. then from version 85 they have defaulted to Referrer Policy: strict-origin-when-cross-origin. and after that it started failing the token refresh. For security reason I cannot share the code however our identity server is in the different domain than application. Is there anyway I can set header for referrer policy Silent refresh request? Or any other way it can be resolved?
Silent Refresh not working after Google Chrome updated to Version 85
1.2k views Asked by user1898171 At
2
There are 2 answers
Related Questions in REFRESH
- Automate the update of a pivot table in Excel via Power Automate Web
- Stream data from server component in NextJS 14 App Router
- Power automate dataflow refresh after mail recieved
- Unable to set up scheduled refresh in powerBI Service when Data is imported into PowerBI from S3 using R script
- Error when Refreshing Power BI Gateway - Mashup error
- Binding to a calculated property of a BindableProperty from code behind
- Refresh array in desktop app after actions in web-site
- How I refresh (update) a parameter in a time intervals using [spring-boot and ajax]
- How to enable automatic background refresh in Excel with closed workbook when connected to external database, such as Oracle?
- Oracle materialized view refresh on two different schedules
- How can I force a DataGridView to redraw or refresh after any front end changes to the data?
- Problem understanding Python's turtle refreshing after using a tracer(0) and an update
- Power BI service refreshing fine but desktop version fails
- PowerBi refreshing issue (MySQL)
- Refresh a certain sheet associated with multiple connections
Related Questions in OPENID-CONNECT
- Error from Identity Provider - OIDC Scope Error
- Blazor Web App (.Net 8) with oidc loses auth when switching to client
- Call Databricks API from an ASP.NET Core web application
- OIDC Error after adding Microsoft.IdentityModel.JsonWebTokens
- Implementing IDP Initiated Flow Using OIDC
- How can I add an identity provider to an existing user in an AWS Cognito user pool using the OIDC protocol?
- How can I protect an Java Spring boot API against Azure AD B2C if I only have an id_token?
- Migrating .gitlab-ci.yml from Terraform to OpenTofu with OIDC Setup
- Cookie not being set when using Blazor server App with individual authentication hooked up with Duende IdentityServer
- Blazor Web Assembly Standalone OIDC
- Azure AD OIDC authentication for S3 upload
- OIDC - Dummy Redirect URL a security issue?
- OPEN ID connect request to refresh access token
- Prevent deeplinking on redirect
- Google OIDC: How to get the member_key of an external SSO user?
Related Questions in SILENT
- Running PS script remotely as admin with no user prompts?
- Silent errors in parallelized R loops with future.apply (...and foreach)
- I used a recursive function to modify a string, but if the string is too large the function returns nothing
- Wix custom bootstrapper - Intercepting InstallShield silent install command line and modify command line string/flags to install MSI
- WPS running in silent Mode - is possible?
- NodeJS — Stream pipeline silently crashes
- Coding Pack for Java - Silent install?
- In Android S, Can a system app (actually a service) perform uninstall of APKs silently without being a device owner?
- Question about Silent-Installation with Inno Setup 5.6.1
- installing Ghostscript silently
- How to silent the output of `untar(files="xxx")` when a file is not found?
- Silently checking onion domain is available in bash?
- how to handle the scenario web api 1 calling web api 2 while azure b2c doesn't support "on behalf of"
- How to ignore React webpack warnings about dependency source maps
- Message sent without sound (silently) in Pyrogram — how to determine?
Related Questions in ANGULAR-OAUTH2-OIDC
- Authentication Library Config Type Only Import Causes Reference Error
- Angular-oauth2-oidc throws error when trying to refresh token
- Can't get Auth Code from Auth0 or Okta in Angular app using angular-oauth2-oidc
- angular oauth oidc with keycloak redirects with the session and state embeded in the URL
- Can't authenticate Google access token on my net.core backend
- Angular-oauth2-oidc adds parameters to redirect uri
- Angular single page application with angular-oauth2-oidc unable to get identity claims. How can I evaluate the token after the initCodeFlow method?
- connect/authorize/callback not able to authenticate a user for Angular child app from angular Parent APP - IdentityServer4 SSO
- How to config OpenID in angular-oauth2-oidc so that some address doesn't need to authenticate
- Angular angular-oauth2-oidc v15.0.0 client id not included in logout
- angular-oauth2-oidc check session issue
- angular-oauth2-oidc does not send access_token to resource server
- “Invalid token specified error” only at first login in Angular app with oauth2-oidc and keycloak
- Handling Google OAuth2 Redirection Differently Between Development and Production in Angular and Nest.js
- angular oauth2 oidc - Refresh token is not being set
Related Questions in REFERRER-POLICY
- strict-origin-when-cross-origin to subdomain
- Trying to set X-Frame and CSP to display another websites login page but connection refused
- How to change document.referrer when having server side redirect?
- Setting no-referrer no-opener and no-follow using htaccess
- third-party JavaScript access to document.location when a restrictive Referrer-Policy is set?
- Firefox iframe referrer is trimmed despite referrerpolicy="unsafe-url"
- How to resolve Strict Origin Error at angular app
- Hide referrer on iframe Firefox
- How can I add referrer tag to my React JS website?
- How to get parent URL in JS without using document.referrer
- Asp.Net Core API CORS policy error (+308 status code)
- cors: strict-origin-when-cross-origin: react + nginx + elasticsearch
- How to get referrer policy as strict-origin-when-cross-origin in node js
- How to deal with strict-origin-when-cross-origin error in Vue3 app?
- Angular interceptor request failed because of strict-origin-when-cross-origin
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Sorry https://developers.google.com/web/updates/2020/07/referrer-policy-new-chrome-default says that you need to only refer to your own site in a script.
You will need to write a proxy script in the form...