Limit on HTTP 302 redirects too low

Fixed, flighted Issue #9958138

Details

Author
Sebastiaan V.
Created
Nov 25, 2016
Privacy
This issue is public.
Found in
  • Microsoft Edge
Found in build #
38.14393
Fixed in build #
15034
Reports
Reported by 1 person

Sign in to watch or report this issue.

Steps to reproduce

My customers are most of the times not satisfied with the Microsoft Edge Browser (both stable and preview), because it is not doing well with federated identity management. Current Enterprise web SSO is mostly based on SAML 2 which uses the HTTP 302 redirect functionality very frequently.

My tests with both stable and preview releases show that the Microsoft Edge Browser is limited on 10 HTTP 302 redirects. This leads to broken functionality as the redirect between IDP and SP halts when reaching the limit of 10.

Compared to other Browsers this value is very low:

Chrome 49: 21 redirects
Chrome Canary 49: 21 redirects
Firefox 43: 20 redirects
IE 9: 121 redirects
IE 10: 121 redirects
IE 11: 110 redirects
Opera 28: 21 redirects
Opera 36: 21 redirects
Safari 5.1.7: 16 redirects

The most interesting part is that older releases of the Microsoft Edge Browser support higher limits. For example version 20.10240.16384.0 supports as many as 110 redirects.

I haven’t seen any release notes that explicitly talk about reducing the HTTP 302 limit from 110 to 10 so I suspect this is a bug.

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Brad E.”

      Changed Assigned To to “Venkat K.”

      Changed Assigned To from “Venkat K.” to “Rajat J.”

      Changed Status to “Confirmed”

      Changed Assigned To from “Rajat J.” to “Nicolas A.”

      Changed Status from “Confirmed” to “Fixed, not yet flighted”

    • Thank you for bringing this bug to our attention. We have fixed the bug and it will be available in a future insider build.

    • Microsoft Edge Team

      Changed Status from “Fixed, not yet flighted” to “Fixed, flighted”

    You need to sign in to your Microsoft account to add a comment.

    Sign in