Forum Discussion

Maven

10 years ago

SSO registration page strips anchor from URL when redirects

Background: Our community is private, so all users who view it are signed in with SSO. To participate (vote/reply/etc.), users must choose a username.

The Problem: When we send users to the SSO page with a dest_url including an anchor tag, the anchor tag is stripped. (This is part of a workaround where we send users to the sso registration page manually when they click "Vote" on an idea, because the default Lithium behavior was to disable the action.)

For example, when users are on the SSO registration page, they are at this URL:

https://community.stage.fitbit.com/t5/user/ssoregistrationpage?dest_url=https://community.stage.fitbit.com/t5/Share-Your-Story/MY-EYES-HURT/m-p/717#M33

Once users choose a username, they are redirected to:

https://community.stage.fitbit.com/t5/Share-Your-Story/MY-EYES-HURT/m-p/717

The #M33 anchor on the end is missing! How do we make the anchor tag stay when the SSO page is redirecting to the dest_url value?

Thanks!

JasonL
10 years ago
hi iftomkins

Afraid it's not possible. if I understand correctly, the browser will not send the URL fragment to server

Here's a quote from:

https://blog.httpwatch.com/2011/03/01/6-things-you-should-know-about-fragment-urls/

"

2. Fragments Are not Sent in HTTP Request Messages

If you try using fragment URLs in an HTTP sniffer like HttpWatch, you’ll never see the fragment IDs in the requested URL or Referer header. The reason is that the fragment identifier is only used by the browser – it doesn’t affect which resource is returned from the server.

"

Since the Server never gets the URL fragment ID, it will not be able to redirect with any fragment ID

JasonL
Lithium Alumni (Retired)
10 years ago
hi iftomkins

Afraid it's not possible. if I understand correctly, the browser will not send the URL fragment to server

Here's a quote from:

https://blog.httpwatch.com/2011/03/01/6-things-you-should-know-about-fragment-urls/

"

2. Fragments Are not Sent in HTTP Request Messages

If you try using fragment URLs in an HTTP sniffer like HttpWatch, you’ll never see the fragment IDs in the requested URL or Referer header. The reason is that the fragment identifier is only used by the browser – it doesn’t affect which resource is returned from the server.

"

Since the Server never gets the URL fragment ID, it will not be able to redirect with any fragment ID
- iftomkins
  Maven
  10 years ago
  Thanks, Jason! That's too bad. Do you know of any workarounds?
  - JasonL
    Lithium Alumni (Retired)
    10 years ago
    hi iftomkins
    
    no workarounds that i'm aware of.
    
    but i do question if the URL fragment is really needed for your use case. by default, the "Reply" button is correctly mapped to the reply page message id so even after login redirection, it goes comes back reply page with the correct id (no need for the URL fragment)

Forum Discussion

SSO registration page strips anchor from URL when redirects

2. Fragments Are not Sent in HTTP Request Messages

2. Fragments Are not Sent in HTTP Request Messages

Related Content

Re: Atlas Sign-On & Registration for Marketing Customers

URL Redirects

Standalone Registration Modal

Updates to Sign In/Registration

redirection many locale

Recent Discussions

API v1 docs gone since Atlas migration to Aurora

Does anyone know how to change the display title of Custom Fields in Aurora?

Can someone walk me through authenticating and using Postman with Aurora?

Seeking Advice on Restricting Access to a posts to those who have the permalink.

TinyMceEditor is undefined