dosubot[bot] commented on issue #11492:
URL: https://github.com/apache/apisix/issues/11492#issuecomment-2275389245
<!-- Greeting -->
Hey @markusmueller! 👋 I'm here to help you with any bugs, questions, or
contributions you have regarding our repository.
<!-- Answer -->
To address the issue with the `/logout` path not redirecting correctly in
Firefox version 128.0 or higher, you can patch the APISIX openid-connect plugin
to overwrite the `Accept` header. Here is how you can do it:
1. **Modify the Plugin Code**:
Add a function to handle the `/logout` path and set the `Accept` header
to `text/html`.
```lua
local function handle_logout_request()
local uri = ngx.var.uri
if uri == "/logout" then
ngx.req.set_header("Accept", "text/html")
end
end
```
2. **Integrate the Function**:
Call this function in the main handler function of the plugin. The main
handler function in the openid-connect plugin is the `rewrite` function.
```lua
function _M.rewrite(plugin_conf, ctx)
local conf = core.table.clone(plugin_conf)
-- Previously, we multiply conf.timeout before storing it in etcd.
-- If the timeout is too large, we should not multiply it again.
if not (conf.timeout >= 1000 and conf.timeout % 1000 == 0) then
conf.timeout = conf.timeout * 1000
end
local path = ctx.var.request_uri
-- Call the function to handle the logout request
handle_logout_request()
-- Continue with the rest of the plugin logic
end
```
3. **Test the Patch**:
Ensure that the logout request is properly handled in the plugin's test
cases. You can add a test case to verify that the `Accept` header is set
correctly during the logout process.
```lua
local http = require "resty.http"
local httpc = http.new()
local uri = "http://127.0.0.1:"; .. ngx.var.server_port .. "/logout"
local res, err = httpc:request_uri(uri, {method = "GET"})
ngx.status = res.status
local location = res.headers['Location']
if location and string.find(location, 'https://iresty.com') ~= -1 and
string.find(location, 'post_logout_redirect_uri=https://iresty.com')
~= -1 then
ngx.say(true)
end
```
This patch ensures that when the `/logout` path is accessed, the `Accept`
header is set to `text/html`, which should resolve the redirection issue in
Firefox version 128.0 or higher
<sup>[[1]](https://github.com/apache/apisix/blob/master/docs/en/latest/plugins/openid-connect.md)</sup><sup>[[2]](https://github.com/apache/apisix/blob/master/apisix/plugins/openid-connect.lua)</sup><sup>[[3]](https://github.com/apache/apisix/blob/master/t/plugin/openid-connect.t)</sup>.
<!-- Dosu Comment Footer -->
*To continue talking to [Dosu](https://dosu.dev), mention @dosu.*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
