Description
What happened?
Summary
When attempting to log in from my application hosted on http://we.dev.localtest.me:4211/, an HTTP 403 Forbidden error is encountered. However, the redirection from http://localhost:4211/ works as expected.
Caveat
we.dev.localtest.meresolves to 127.0.0.1.localtest.meis a special domain that resolves toA=127.0.0.1andAAAA = ::1. It is a convenient way to test a multi-tenant application locally.
Steps to Reproduce: (My Local Setup)
- Create tenant
- Create an application for that tenant.
- Configure
Authorized originsandAuthorized redirectsto containhttp://localhost:4211andhttp://we.dev.localtest.me:4211(4211is a port that UI is hosted on) - Navigate to http://localhost:4211 and click login.
- It redirects to
http://localhost:9011/(FusionAuth also running in docker). - Type the email and password from one of the users.
- Redirects back to
http://localhost:4211. - Navigate to
http://we.dev.localtest.me:4211and click login. - It redirects to
http://localhost:9011/with status code403 Forbidden.
Expected Result:
Login from http://we.dev.localtest.me:4211 should work identically to http://localhost:4211.
Actual Result:
FusionAuth fails to redirect back to http://we.dev.localtest.me:4211. It results in HTTP 403.
Additional Information:
- Environment: Development
- Version: 1.53.2
- My Repo - fossa-app/scripts
Proposed Solution:
Environment variable that allows insecure redirects (redirect to HTTP instead of HTTPS only)
Notes
Nothing is logged in docker console during the HTTP 403 error.
Version
1.53.2
Affects Versions
No response