https://bugs.kde.org/show_bug.cgi?id=519076
outfrost <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from outfrost <[email protected]> --- Problem exists in 26.04.1 flatpak, and while in an abstract sense it could be seen as a browser bug, practically I don't think it can be dismissed as such. NeoChat closes its callback socket on first connection attempt. This trips up modern browsers (tested with Chromium and LibreWolf), which seem to connect multiple times. So far I can only speculate why they do that, as I don't have time to do a full packet sniff. Maybe it's to first attempt a TLS handshake, or maybe it's to fetch some unrelated URL. Regardless of why the first attempt fails, it would make more sense to keep the socket (and therefore HTTP server) open until either it receives a well-formed callback (not necessarily a valid token, but at least some token), or the user navigates away from the login flow. It would both solve the general case, and give users with HTTPS-only mode enabled an opportunity to create an exception. Note that NeoChat doesn't reopen the socket when you click on "Re-open SSO URL". That to me seems to confirm that closing the callback socket so early is not intended behaviour. -- You are receiving this mail because: You are watching all bug changes.
