[keycloak-user] IPhone turns off local storage by default and that causes Keycloak.js to fail.

Dean Peterson peterson.dean at gmail.com
Sat Jan 31 12:27:11 EST 2015


Do you have a suggested approach to handling this? Prompt the user that
they should turn off private browsing on their iPhone?

On Fri, Jan 30, 2015 at 2:48 AM, Stian Thorgersen <stian at redhat.com> wrote:

> Only option would be to disable state verification, which could leave it
> open to CSRF.
>
> ----- Original Message -----
> > From: "Dean Peterson" <peterson.dean at gmail.com>
> > To: keycloak-user at lists.jboss.org
> > Sent: Monday, 26 January, 2015 12:34:26 AM
> > Subject: [keycloak-user] IPhone turns off local storage by default and that causes Keycloak.js to fail.
> >
> > iPhones are in private mode by default. When in private mode, they do not
> > allow localstorage. Any application secured with the pure js keycloak file
> > fails. When I turn private mode off, the application works. Will Keycloak be
> > supporting iPhones with the pure javascript client in the future without
> > requiring users to turn private mode off?
> >
> > I get the following error in private mode. The highlighted code is what
> > causes the error:
> >
> > QuotaExceededError: DOM Exception 22: An attempt was made to add something to storage that exceeded the quota.
> >
> > kc.createLoginUrl = function(options) {
> >     var state = createUUID();
> >
> >     var redirectUri = adapter.redirectUri(options);
> >     if (options && options.prompt) {
> >         if (redirectUri.indexOf('?') == -1) {
> >             redirectUri += '?prompt=' + options.prompt;
> >         } else {
> >             redirectUri += '&prompt=' + options.prompt;
> >         }
> >     }
> >
> >     sessionStorage.oauthState = state;
> >
> >     var url = getRealmUrl()
> >         + '/tokens/login'
> >         + '?client_id=' + encodeURIComponent(kc.clientId)
> >         + '&redirect_uri=' + encodeURIComponent(redirectUri)
> >         + '&state=' + encodeURIComponent(state)
> >         + '&response_type=code';
> >
> >     if (options && options.prompt) {
> >         url += '&prompt=' + options.prompt;
> >     }
> >
> >     if (options && options.loginHint) {
> >         url += '&login_hint=' + options.loginHint;
> >     }
> >
> >     return url;
> > }
>
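
The thread weighs a failing `sessionStorage` write against disabling the `state` check. As an added example, not part of the original messages and not keycloak.js code, this sketch keeps the check by falling back to a short-lived cookie when the storage write throws. `createStateStore`, `verifyCallbackState`, `storageUsable` and their parameters are hypothetical names, and it assumes cookies remain writable in the browsing mode where storage writes fail.

```javascript
// Added example (not keycloak.js code). `storage` is a Web Storage-like object and
// `cookieJar` an object whose `cookie` property behaves like document.cookie;
// both parameters and all function names here are assumptions for illustration.
var STATE_KEY = 'oauthState';

function storageUsable(storage) {
  try {
    // In the case reported in this thread the storage object exists but any
    // write throws QuotaExceededError, so probe with a real write.
    storage.setItem('kc-probe', '1');
    storage.removeItem('kc-probe');
    return true;
  } catch (e) {
    return false;
  }
}

function createStateStore(storage, cookieJar) {
  var useStorage = !!storage && storageUsable(storage);
  return {
    backend: useStorage ? 'storage' : 'cookie',
    save: function (state) {
      if (useStorage) {
        storage.setItem(STATE_KEY, state);
      } else {
        // Short-lived cookie: it only has to survive the redirect round trip.
        cookieJar.cookie = STATE_KEY + '=' + encodeURIComponent(state) + '; max-age=300; path=/';
      }
    },
    // Read the saved state and delete it, so each value is accepted only once.
    take: function () {
      if (useStorage) {
        var v = storage.getItem(STATE_KEY);
        storage.removeItem(STATE_KEY);
        return v;
      }
      var m = cookieJar.cookie.match(new RegExp('(?:^|; )' + STATE_KEY + '=([^;]*)'));
      cookieJar.cookie = STATE_KEY + '=; max-age=0; path=/';
      return m ? decodeURIComponent(m[1]) : null;
    }
  };
}

// State check on the redirect back: reject when nothing was saved or the values differ.
function verifyCallbackState(store, returnedState) {
  var expected = store.take();
  return typeof expected === 'string' && expected.length > 0 && expected === returnedState;
}
```

In a browser the store would be created with `createStateStore(window.sessionStorage, document)`, with `save` called before the redirect and `verifyCallbackState` on return.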