Unexpected requests to `/users/undefined` causing unwanted 404 in Rails-based webapp
milgner opened this issue · comments
Browser: Firefox Linux 112.0.2 (64-bit), Omni 1.4.5
In a Rails-based application using a cookie session store, the behaviour of the user sign in changes depending on whether Omni is installed. The request body remains the same, but in the response (status code 302) the Location
header changes (or appears to change in the browser development tools network tab):
Without Omni installed, the location header is http://hostname/
.
With Omni installed, the location header is http://hostname/users/undefined
, resulting in 404 status.
Debugging into the controller it looks like the session key user_return_to
is indeed set to the value /users/undefined
.
When disabling Omni or using a browser without Omni installed, everything works as expected. It looks like a request to /users/undefined
is made by the extension in the background without showing up in the logs and changing the state of the backend in the process.
On one hand, I guess that the backend should be more robust and not let its state get changed by these GET
requests; OTOH, I'm not sure how and why the extension sends the request - but it seems like anything with undefined
in it, shouldn't result in a call to the remote server at all?