On our online application we are facing with some strange behavior for a small percentage of our firefox users (<1%).
When doing oauth2 authorization, after generatio… (funda kabanzi)
On our online application we are facing with some strange behavior for a small percentage of our firefox users (<1%).
When doing oauth2 authorization, after generation of the authentication token we redirect to another platform but we are detecting that for a small percentage of Firefox the cookie (my_auth_cookie) with the auth token is not present.
GET: https://www.mywebsite.com/application/login
Response:
new location
https://www.mywebsite.com/otherapplication/redirect
set-cookie: my_auth_cookie expires=Mon, 04 Dec 2023 13:49:15 GMT; domain=.mywebsite.com; path=/; secure; samesite=lax; httponly
2. GET https://www.mywebsite.com/otherapplication/redirect
Set-cookie: mycookie: value
Host: www.mywebsite.com
In cookie tab I see my_auth_cookie (value: xxxx, domain: .mywebsite.com, expires: Mon, 04 Dec 2023 13:49:15 GMT, httponly: checked, secure: checked,SameSite: Lax, partitionkey: empty, Priority: medium
I’ve tried to replicate but without success (with multiple extensions, including multi-account containers), with multiple configurations of Total Cookie Protection.
Again, this only seems to be happening to a very limited number of firefox users but for these, it happens 100% of the time. We see it occurring for versions 119 and 120 but now and then for older versions.
Feedback reports no extensions&addons.
Any ideas on what we could be dealing with? Any help would be greatly appreciated.