Reputation: 3878
In my SSO service I'm redirecting the incoming request after validation. The response message is:
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /home?s=ZXVuPXN0YWZmdXNyMDE7ZXVwPXN0QGZmdXNSMDE7b2ZmaWNlaWQ9O29mZmljZT07Y3VzdD1PSzt0cz03MzUyNjIwNDIwO3ZlbmRvcj0xO3N1bj1zZWVrZXIwN0BkZW1vLmNvbTs=
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 27 Jan 2014 09:20:36 GMT
Content-Length: 261
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/home?s=ZXVuPXN0YWZmdXNyMDE7ZXVwPXN0QGZmdXNSMDE7b2ZmaWNlaWQ9O29mZmljZT07Y3VzdD1PSzt0cz03MzUyNjIwNDIwO3ZlbmRvcj0xO3N1bj1zZWVrZXIwN0BkZW1vLmNvbTs=">here</a>.</h2>
</body></html>
The above 302 message happens after a bunch of redirects between client and server; I have listed them below using Fiddler:
# Result Protocol Host URL Body Caching Content-Type Process Comments Custom
4 302 HTTPS client.net /ok/r/oauth/authorize?client_id=bededeb806f783b75ef94ad871a4e03e2c7aeb1fb316d8822233afaa664d17cb&redirect_uri=https%3A%2F%2Fexample.sso.com%2FOKJobMatch.aspx&state=hk1udegmnspyvum5obcwscwe&response_type=code 232 no-cache, private text/html; charset=utf-8 iexplore:5324
Succeeded
6 301 HTTPS example.sso.com /OKJobMatch.aspx?code=c4ee0346f27db36ea662b1d14d3adc6ba6d33e11c3a9dddf759619cf778b0b24&state=hk1udegmnspyvum5obcwscwe 317 private text/html; charset=utf-8 iexplore:5324
Succeeded
8 302 HTTPS example.com /home?s=ZXVuPXN0YWZmdXNyMDE7ZXVwPXN0QGZmdXNSMDE7b2ZmaWNlaWQ9O29mZmljZT07Y3VzdD1PSzt0cz03MzUyNjQwNTQzO3ZlbmRvcj0xO3N1bj1zZWVrZXIwN0BkZW1vLmNvbTs= 261 private text/html; charset=utf-8 iexplore:5324
Succeeded with the response which is mentioned above in the question
9 404 HTTPS client.net /home?s=ZXVuPXN0YWZmdXNyMDE7ZXVwPXN0QGZmdXNSMDE7b2ZmaWNlaWQ9O29mZmljZT07Y3VzdD1PSzt0cz03MzUyNjQwNTQzO3ZlbmRvcj0xO3N1bj1zZWVrZXIwN0BkZW1vLmNvbTs= 0 iexplore:5324
Failed
Now all the other browsers, including IE 9, 10, Chrome and Mozilla, were able to understand this and redirect appropriately, but IE 8 is not able to redirect; it throws a 404 error.
On further analysis, we have found that once the 302 message is delivered, IE is using the domain of the client URL instead of the server URL.
So instead of going to https://example.com/home it is going to http://client.net.home. This looks strange because example.com is the one which delivered the redirection message.
Is this something to do with the referrer attribute of the HTTP message? I noticed that the referrer is set in the client message.
Client's request after redirection [which generates the 404 error]:
GET https://client.net/home?s=ZXVuPXN0YWZmdXNyMDE7ZXVwPXN0QGZmdXNSMDE7b2ZmaWNlaWQ9O29mZmljZT07Y3VzdD1PSzt0cz03MzUyNjUwNDM4O3ZlbmRvcj0xO3N1bj1zZWVrZXIwN0BkZW1vLmNvbTs= HTTP/1.1
Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
Referer: https://deployment.ajla.net/ok/mn_loginstatistics_dsp.cfm
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Accept-Encoding: gzip, deflate
Host: deployment.ajla.net
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: _ga=GA1.3.502780954.1391010694; CFID=90758; CFTOKEN=4b494a1b21bbdc06-D9196ABC-FAE3-1AFE-97F781B8328159A0; TEST=1; USAGE_BYPASS=A819843C5390612C307C2E9A433D04101C64C9842FB41146ECFE739EDEDB13F4D692A9A537C758E1F5548B2306170514FAE5F13FF767A436FD24140F4B90F6A2; AJLAUTHSESSION=D93D4D42-ABAC-D007-DC3A2A48361A041C; _joblink_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTg2MTlkMDZmZjZhMDIwODhkZWJhMjIxODNiN2I2NTNmBjsAVEkiDHVzZXJfaWQGOwBGaQNZnRk%3D--8592abe6d424b90671f013da99d74a1df8e84a33
For the same scenario, Mozilla and other browsers choose www.example.com as the domain. Is this because of the referrer attribute? If yes, is there a way to fix it in client code?
EDIT 2
<rewrite>
  <rules>
    <rule name="Redirect to HTTPS" stopProcessing="true">
      <match url="(.*)" />
      <conditions>
        <add input="{HTTPS}" pattern="^OFF$" />
      </conditions>
      <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="SeeOther" />
    </rule>
  </rules>
</rewrite>
I noticed that during the first redirection from the client site to our site, two 302s happen. The first one returns a relative path. The second one returns an absolute path. The second one is generated from source, but the first one is not from source. I'm not sure where this redirection happens. I suspect this could have happened because of the HTTP redirection set on the site, but I'm not sure; anyway, I just pasted the HTTP redirection settings above.
Can someone tell me if there is any workaround to do this?
Upvotes: 1
Views: 1147
Reputation: 3878
I have used a workaround for fixing this issue. I know it may not be a legitimate solution, but I don't have any other option to make this work in IE8:
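protected void Application_EndRequest()
{
    // IE8 workaround: only touch 302 responses that point at the relative "/home" path.
    if (Context.Response.StatusCode == 302)
    {
        string location = Context.Response.RedirectLocation;
        if (location != null && location.ToLower().StartsWith("/home") && Request.Params.Get("s") != null)
        {
            // Replace the relative Location with the absolute URL of the current request.
            Context.Response.RedirectLocation = System.Web.HttpContext.Current.Request.Url.OriginalString;
        }
    }
}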
Upvotes: 0
Reputation: 5746
Depending on how your SSO handler works, you could use the Response.Redirect( ... ) function to redirect the browser. This function will take a relative URI using the "~/path/to/file" notation.
Upvotes: 0
Reputation: 2477
Since all browsers will understand absolute paths, return an absolute path. We won't be able to change IE8.
Upvotes: 1
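One way to apply the absolute-path advice in the answer above to every redirect the application emits, as an added example that is not code from the question or either answer. The names RedirectNormalizer, ToAbsolute and CanonicalOrigin are hypothetical, and the origin https://example.com/ is assumed from the host shown in the question; it is fixed in code rather than read from the request's Host header, which the client controls.

```csharp
using System;
using System.Web;

// Hypothetical helper (added example, not code from the thread).
public static class RedirectNormalizer
{
    // Assumption: the site's public origin is fixed configuration. It is
    // deliberately not built from the Host header of the incoming request.
    public static readonly Uri CanonicalOrigin = new Uri("https://example.com/");

    // Returns an absolute http(s) URL for a Location value, or null if it cannot
    // be resolved. "/home?s=..." becomes "https://example.com/home?s=...".
    public static string ToAbsolute(string location, Uri origin)
    {
        if (string.IsNullOrEmpty(location)) return null;

        Uri parsed;
        if (Uri.TryCreate(location, UriKind.Absolute, out parsed) && IsHttp(parsed))
            return location;             // already absolute: leave the target alone

        Uri resolved;
        if (Uri.TryCreate(origin, location, out resolved) && IsHttp(resolved))
            return resolved.AbsoluteUri; // relative: resolve against our own origin

        return null;
    }

    private static bool IsHttp(Uri uri)
    {
        return uri.Scheme == Uri.UriSchemeHttp || uri.Scheme == Uri.UriSchemeHttps;
    }
}

public class Global : HttpApplication
{
    protected void Application_EndRequest()
    {
        // Only redirect responses carry a Location header worth rewriting.
        int status = Context.Response.StatusCode;
        if (status != 301 && status != 302 && status != 303 && status != 307) return;

        string absolute = RedirectNormalizer.ToAbsolute(
            Context.Response.RedirectLocation, RedirectNormalizer.CanonicalOrigin);
        if (absolute != null)
            Context.Response.RedirectLocation = absolute;
    }
}
```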