-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Navigating directly to '<website>/umbraco' fails to set the ASP.NET session cookie #5509
Comments
Hi there @simonproctor - that is a very interesting observation and might actually be closely linked to issue #4138 which we could never reproduce. I haven't reproduced this one yet but it would be interesting to try. I am not sure why that cookie is not being set but I would imagine the fix would then be easy enough. I'll keep you posted! |
Hi @simonproctor, What version of Umbraco are you running? Also, to rule out a few things, could you try in another browser or in incognito mode? I've tried reproducing your issue - both with a my site running in a full IIS server and also just through Visual Studio 2019 (IIS Express). I've used the following steps:
and also
All of my attempts so far has been successful. |
I've unfortunately also not been able to reproduce this one. Let us know if you have more info @simonproctor ! For now I'll close this but happy to re-open if we can actually find a good way to reproduce. |
Hi, This is in Firefox, Chrome and IE. Its in Umbraco 7 (cloud) with no back office customisations, http modules or redirects. I'm happy to share our account details and/or Github privately. Without that, I can only think that a step to ensure the session is setup and cookies available is present. I could record our symptoms exactly in a video but as you say, if you can't then its hard to know what to do. Its worth noting, though, that this happens on UCloud and that's what I'm reporting (as well). I'm not reporting about just running this locally. Your test report appears you have done this locally. Have you tried this on Umbraco Cloud? I've re-read my report and noted I forgot to mention this was v7. Sorry for that omission and any time you've spent looking at the wrong version. |
Hi, In case people still have this issue and are hosting on Azure: I had the same issue as presented here, where the "UMB-XSRF-TOKEN" and "UMB-XSRF-V" token were not set after an Umbraco login, causing the backoffice to be a blank page, and getting a 417 code back when calling the Umbraco Backoffice API. I noticed that these two cookies are session cookies, and seeing that this was only the case on our Azure environment, and not local, led me to think that it had to do with how our Azure environment handled sessions. I got this issue resolved by completely removing the
The problem lies within the After updating the web.config and restarting the azure app, everything worked fine. |
Thanks @GijsHendrickx , i actually think this configuration element might be super legacy, it's prob been there since 3.x and not sure it's even needed, would have to check. But good find! |
When running the site locally or on Umbraco Cloud, editors will bookmark the back office and go there directly.
If they've not already visited the front end of the site, the ASP.NET session cookie isn't present. This causes the screens, post login, to fail cross site validation checks and 417 error codes are thrown ni the developer console.
This can be immediately remedied by going back to the front end, then returning to the back office and reloading.
The result of this issue is that you see a 'white screen of death' rather than the back office UI.
Note:
The text was updated successfully, but these errors were encountered: