Brave-browser: TOO MANY REDIRECTS caused by Brave's user agent behavior

Created on 16 Nov 2019  路  9Comments  路  Source: brave/brave-browser

Description

Hello:

With recent Brave releases, there was a change to the user-agent behavior that breaks authentication on sites that utilize zmartzone/mod_auth_openidc. Effectively, Brave now randomizes the number of Braves in the user-agent, which some authentication systems rely on.

The issue is documented in more detail here: https://github.com/zmartzone/mod_auth_openidc/issues/452

Can an option be added to disable this behavior? This currently breaks Brave for use on our internal sites.

Steps to Reproduce

  1. Go to an internal authenticated site that uses zmartzone/mod_auth_openidc
  2. ERR_TOO_MANY_REDIRECTS

Brave version (brave://version info)

Brave | 1.0.0 Chromium: 78.0.3904.97聽(Official Build)聽(64-bit)
Revision | 021b9028c246d820be17a10e5b393ee90f41375e-refs/branch-heads/3904@{#859}
QNo bug release-noteinclude
Source
picture mikegrima

All 9 comments

Is there a public test site that can be used to reproduce the problem?

fmarier picture fmarier on 17 Nov 2019

That's a great question. I have not encountered any issues with public sites -- only our internal sites.

@drkancharla is there an easy way to demonstrate this behavior -- like a docker image that could be set up to make it easy to test?

mikegrima picture mikegrima on 18 Nov 2019

Definitely a bug with the custom user-agent logic we have:
https://github.com/brave/brave-core/blob/66ceaf3491778f7d9a62f215c8fb47b318c9b181/browser/net/brave_site_hacks_network_delegate_helper.cc#L62-L76

Appears it will always do a substitution, leading to multiple Brave strings in the UA

bsclifton picture bsclifton on 4 Dec 2019

Marking as QA/No since I don't believe there are steps to reproduce. But we have an automated test in https://github.com/brave/brave-core/pull/4143

bsclifton picture bsclifton on 10 Dec 2019

I've reproduced on netflix.com - it redirected me to the russian site :) After the redirect "Brave Brave" is visible in User-Agent in devtools

iefremov picture iefremov on 10 Dec 2019
👍1

@bsclifton I'm happy to test this with a pre-release version.

mikegrima picture mikegrima on 10 Dec 2019

Confirmed that the nightly works 馃帀

Thank you all for getting this done!

mikegrima picture mikegrima on 10 Dec 2019

@mikegrima awesome! Thanks for confirming 馃槃馃憤

bsclifton picture bsclifton on 10 Dec 2019

Is it possible to move this to an earlier release? I would really like to start using Brave at work again.

I can confirm that it's working perfectly in the 1.4.x Dev release.

mikegrima picture mikegrima on 18 Jan 2020
🎉1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

GeetaSarvadnya picture GeetaSarvadnya  路  3Comments
kjozwiak picture kjozwiak  路  3Comments
kerry-perret picture kerry-perret  路  3Comments
pitsi picture pitsi  路  3Comments
Sondro picture Sondro  路  3Comments