Duo crashes with FF 106.0.5 on Windows 10
I am configuring a new desktop. My university uses Duo for 2-step security. When I use Firefox 106.0.5, Duo returns "500: Internal Server Error". Edge works. I'm assuming this is a new problem since I haven't located any other mentions of it so I'm assuming that this is either a new problem or particular to the University of Alabama.
All Replies (1)
Your browser identified itself as Firefox 52 on Windows XP. Different computer? If you do have Firefox 106 running in backwards compatibility mode to XP, please turn that off.
A server may return a 500 error to some browsers and not others if the request included unexpected data or is missing expected data.
Sometimes the problem lies in stale cookies. In a new installation with no customizations, that shouldn't be an issue, but just in case: You can clear a site's cookies on the Settings page, Privacy & Security Panel, Cookies and Site Data section, using the Manage Data dialog. Possibly the Duo server is different from the main server (check history?). Try clearing cookies for both and see whether that makes any difference.
Sometimes the problem lies in modified headers. In a new installation with no customizations, that shouldn't be an issue.
Circling back to a possible cross-site issue: Firefox recently rolled out "Total Cookie Protection" to more users. This limits how sites can use "third party" or "cross-site" cookies, meaning cookies from different websites than the one you see in the address bar. Some sites pass you back and forth between different servers during login because they have their services spread out over a number of different servers. In those cases, you might be able to submit a form successfully on one page and then the next page says you are not logged in, or perhaps failure to pass a cookie to the MFA server is causing its unhappiness.
You can make exceptions to this feature when needed (for each server that you visit as part of the process of using this company's services). More info in the following articles:
- Introducing Total Cookie Protection in Standard Mode
- Total Cookie Protection and website breakage FAQ
Any difference?