github/pangolin
1
1
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-04-06 01:11:57 +02:00
Code Issues 85 Packages Projects Releases Wiki Activity

Redirect loop, can't access any resources, can only access pangolin itself. #1760

New Issue
Closed
opened 2026-04-05 19:40:52 +02:00 by MrUnknownDE · 0 comments
MrUnknownDE commented 2026-04-05 19:40:52 +02:00
Owner
Copy Link

Originally created by @ellite on 2/26/2025

I have discussed this issue on Discord before. It was happening on Firefox on my laptop. Now it's happening on my phone Brave iOS. On the laptop is easy to remove the cookies and move on, but not on the phone.
Seems to work fine on my laptop on both Brave and ARC, so it's hard to find the cause of the issue.

Symptoms:

try to open a resource on firefox:

service.domain.tld

results on a 302 to https://pangolin.domain.tld/auth/resource/2?redirect=https%3A%2F%2Fservice.domain.tld%2F
which results on a 307 back to https://service.domain.tld/?p_session_request=tyznl7i47g6ci6cazr27vhdq67fb52ui
which results on a 302 to https://service.domain.tld/
which results on a 302 to https://pangolin.domain.tld/auth/resource/2?redirect=https%3A%2F%2Fservice.domain.tld%2F

and so on, and so on and so on.

Seems to loop 5 times until firefox responds with:

The page isn’t redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

Note that the p_session_request is different on each iteration of the loop.
But I always end up at https://service.domain.tld/?p_session_request=sometoken

Image

On mobile the behaviour is a bit different

Every resource I try to open I see the login page. It shows the credentials pre filled, but it fails to login if I press submit. If I press the icon to show the password, the input fields are now empty. (nothing to do with this probably)

Then I login and end up on a "This site can't be reached page" with the p_session_request=sometown on the url
If I refresh, I see the login page again. and the same happens and it seems it keeps adding p_session_request to the url as you try and try again.

I ended up with this:
https://service.domain.tld/?p_session_request=wh7qovs5olsnuct65p63jnoke67avzak&p_session_request=fxu5i3knxjcq6lxegahi25v4gscazmnt&p_session_request=d2vvt462kuntd42payujlmtrxgyq4lyl&p_session_request=bxypfrfyjbm7m4jwsfjutolzk4kqhoum&p_session_request=2aa7zglzy6sebzxu3c6d2c4odccbgteg&p_session_request=s66mazgzqxx2w7uo4ruj5zwenauvaqig&p_session_request=e3667mo6ppir4ayngryz3nzac3w3gcat&p_session_request=juvopnvu4pmjnxelmdekhstvykdnevfy&p_session_request=vln2umvusx7jk7uur5cdpy3ej6mgfe5q&p_session_request=ibeqaa4b5gvtuszn7rdxjo44jabgqkui&p_session_request=c53xva7uugyommmgvopprn7cefwqcgxf

$ sudo docker compose logs -f does not show anything as I am making this requests.

Please let me know if I can add more information on the issue.
At the moment I can't access any resource via browser on my phone, since I can't delete individual site cookies.
On firefox desktop I can resolve it by deleting the cookies for my domain (I have to use an extension, since the offending cookie can not be deleted directly on the developer tools) , but it comes back eventually. Sometimes after a couple of minutes, sometime after a couple of hours.

*Originally created by @ellite on 2/26/2025* I have discussed this issue on Discord before. It was happening on Firefox on my laptop. Now it's happening on my phone Brave iOS. On the laptop is easy to remove the cookies and move on, but not on the phone. Seems to work fine on my laptop on both Brave and ARC, so it's hard to find the cause of the issue. Symptoms: try to open a resource on firefox: ``` service.domain.tld results on a 302 to https://pangolin.domain.tld/auth/resource/2?redirect=https%3A%2F%2Fservice.domain.tld%2F which results on a 307 back to https://service.domain.tld/?p_session_request=tyznl7i47g6ci6cazr27vhdq67fb52ui which results on a 302 to https://service.domain.tld/ which results on a 302 to https://pangolin.domain.tld/auth/resource/2?redirect=https%3A%2F%2Fservice.domain.tld%2F ``` and so on, and so on and so on. Seems to loop 5 times until firefox responds with: The page isn’t redirecting properly Firefox has detected that the server is redirecting the request for this address in a way that will never complete. Note that the p_session_request is different on each iteration of the loop. But I always end up at https://service.domain.tld/?p_session_request=sometoken ![Image](https://github.com/user-attachments/assets/eb90baab-d177-47a0-b0b2-b5c7d5dcc577) On mobile the behaviour is a bit different Every resource I try to open I see the login page. It shows the credentials pre filled, but it fails to login if I press submit. If I press the icon to show the password, the input fields are now empty. (nothing to do with this probably) Then I login and end up on a "This site can't be reached page" with the p_session_request=sometown on the url If I refresh, I see the login page again. and the same happens and it seems it keeps adding p_session_request to the url as you try and try again. I ended up with this: https://service.domain.tld/?p_session_request=wh7qovs5olsnuct65p63jnoke67avzak&p_session_request=fxu5i3knxjcq6lxegahi25v4gscazmnt&p_session_request=d2vvt462kuntd42payujlmtrxgyq4lyl&p_session_request=bxypfrfyjbm7m4jwsfjutolzk4kqhoum&p_session_request=2aa7zglzy6sebzxu3c6d2c4odccbgteg&p_session_request=s66mazgzqxx2w7uo4ruj5zwenauvaqig&p_session_request=e3667mo6ppir4ayngryz3nzac3w3gcat&p_session_request=juvopnvu4pmjnxelmdekhstvykdnevfy&p_session_request=vln2umvusx7jk7uur5cdpy3ej6mgfe5q&p_session_request=ibeqaa4b5gvtuszn7rdxjo44jabgqkui&p_session_request=c53xva7uugyommmgvopprn7cefwqcgxf $ sudo docker compose logs -f does not show anything as I am making this requests. Please let me know if I can add more information on the issue. At the moment I can't access any resource via browser on my phone, since I can't delete individual site cookies. On firefox desktop I can resolve it by deleting the cookies for my domain (I have to use an extension, since the offending cookie can not be deleted directly on the developer tools) , but it comes back eventually. Sometimes after a couple of minutes, sometime after a couple of hours.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Improvement
Improvement
Improvement
Improvement
Look Into
Security
Security
api
api
authentication
authentication
authentication
authentication
authentication
authentication
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
config
config
config
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
docker
docker
docker
docker
docker
documentation
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
go
go
go
go
go
go
go
go
go
go
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
networking
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
question
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
ui
ui
ui
ui
ui
ui
wontfix
No Label authentication authentication authentication authentication authentication bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
MrUnknownDE
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github/pangolin#1760
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?