Forum Stats

  • 3,815,192 Users
  • 2,258,976 Discussions
  • 7,892,986 Comments

Discussions

APEX: Too many redirects

13

Answers

  • Billy Verreynne
    Billy Verreynne Software Engineer Member Posts: 28,800 Red Diamond

    It is using IPv6. Unlikely that this is the cause of the issue, but you can confirm anyway by doing the same test just done using https://127.0.0.1:8443/ords/f?p=TEST URL. This URL forces IPv4 to be used.

    You should get the same error with IPv4. If not, then it would be very weird that IPv6 is triggering the redirects. Potentially a bug in APEX or ORDS.

    What I do suspect though is that this is not a browser, ORDS, or APEX issue. But something else.

    APEX creates a session ID and passes the browser a session cookie, telling the browser to redirect to that URL that contains the new session ID.

    The browser does this. Uses the redirect URL, and with that URL request, it passes the session cookie it received.

    This is what the HAR file shows.

    Only APEX responds as if the cookie it received is invalid, or missing, for the URL session ID it needs to service. And the only logical explanation at this stage is, that this is exactly what happens.

    I suspect that the cookie is either removed or reset in transit - so that what APEX receives from the browser, is not what the browser passed. And this only happens for multiple session cookies for the same URL. Single/first session cookie is fine and not tampered with. Multiple session cookies lead to some kind of external interference.

    As localhost networking is used, the thing that causes this external interference is on your platform.

    More facts - you tested several browsers, and the browsers all behaved the same way. No other user reports of APEX and ORDS not working on Windows 10. Thus the assumptions that the redirect issue is not caused by the browser, ORDS or APEX, but an external component (like security s/w) is the cause.

  • AndyH
    AndyH Member Posts: 803 Bronze Trophy

    What seems to happen is that the browser sets the cookie received, and responds to the web server with that cookie. Only for the web server not to accept that cookie, and to issue a new cookie. And for this sequence to repeat and repeat...

    I've seen this happen with a badly configured proxy that either doesn't convert the cookie path correctly or doesn't correctly deal with https/http - e.g. the initial logon generates a HTTPS cookie, but the next call is looking for an HTTP cookie and so can't read the previously generated one. Similar things happen if you access the site in one tab using HTTPS and then access in another tab with HTTP.

  • user8952845
    user8952845 Member Posts: 17 Blue Ribbon

    "Thus the assumptions that the redirect issue is not caused by the browser, ORDS or APEX, but an external component (like security s/w) is the cause."

    This is a pretty fresh installation of Win10 with very little installed - Photoshop, Lightroom, Microsoft Office, and Kaspersky mainly. I've tried pausing Kaspersky to no avail. Both Kaspersky and Windows 10 itself are set to automatically detect proxy server settings. I never did anything proxy related. Following your suggestion (Andy), I did set Kaspersky to not use proxy server, but that too made no difference.

    I really do appreciate both of you helping out!


  • AndyH
    AndyH Member Posts: 803 Bronze Trophy

     I never did anything proxy related.


    I was mainly thinking of cases where you might use Apache or Nginx to proxy to Tomcat running ORDS. Often, you'd use the proxy to terminate HTTPS connections and access Tomcat under HTTP: you need to configure the proxy connections so that APEX doesn't try to generate HTTP-based URL's.

    As soon as I click run, the new tab opens all by itself.

    When you are in developer mode, 'run' will open a new tab so that you can run the application and make changes to pages in the background.

  • Billy Verreynne
    Billy Verreynne Software Engineer Member Posts: 28,800 Red Diamond

    It's unlikely to be a proxy issue as you are using the localhost address - that web traffic never leaves your platform.

    I do not use Windows much anymore. But have seen very weird things that is related to Windows and network security applications and devices. I have our Windows and network security folk saying that there are no deep packet inspection of web traffic , but have shown how changing the HTTP User Agent in packets causes those packets to be denied access to our Internet proxy servers. Only deep packet inspection could be responsible for this in my view. And they have no idea why this is happening.

    The weird thing in your case is that the first initial APEX session is created successfully and works - be that APEX IDE, our your APEX app. Subsequent sessions fail.

    So it it not a binary case of working or failing. Which makes identifying the cause of the error more complex.

    Not sure what else you could do to troubleshoot this issue. I would use tools such as curl and tcpdump/WireShark for troubleshooting, but one needs to be familiar with the HTTP and TCP protocols. The troubleshooting needs to isolate and test various moving parts in order to identify just where the error occurs.

  • user8952845
    user8952845 Member Posts: 17 Blue Ribbon

    I guess I'll just resign myself to using the workaround of developing in one browser and running my app in another. Not the worst thing that could happen!

    I'm just a little surprised that I'm the only one having this problem though. This is a fresh vanilla install of Windows 10 Pro 20H2 done at the end of November. I just did a clean boot with all non-Microsoft services and startup programs disabled and experienced the same exact behaviour.

    Anyway, I do really thank you for the attempt to help me. I appreciate it!

    Wayne

  • AndyH
    AndyH Member Posts: 803 Bronze Trophy

    I've tried pausing Kaspersky to no avail. Both Kaspersky and Windows 10 itself are set to automatically detect proxy server settings. 

    Kaspersky Proxy Server (or Kaspersky Secure Network, Certificate Scanner, Encrypted Connection Scanning or similar?) attempts to get in the middle of all HTTPS conversations where it acts as a proxy - your browser connects to KPS and it contacts the destination. You can usually confirm if this is happening by checking the certificate that you see associated with a site - if it mentions Kaspersky then you know that the proxy is running and intercepting your calls. I generally try to turn this 'feature' off as it can hide issues with remote sites without letting you deal with it.

    Billy Verreynne
  • Billy Verreynne
    Billy Verreynne Software Engineer Member Posts: 28,800 Red Diamond

    Think Andy is on the right track here - as something local is interfering with HTTP traffic on your platform.

  • User_DCEOR
    User_DCEOR Member Posts: 1 Red Ribbon

    Wayne, did you manage to resolve the issue? I experience exactly the same one and I have fresh install of Windows 10 Pro on VirtualBox . No antivirus whatsoever.


    OracleXE184_Win64

    apex_20.2_en

    ords-20.4.3.050.1904

  • user8952845
    user8952845 Member Posts: 17 Blue Ribbon

    No, I've just resigned myself to using two browsers and copying and pasting links. My Windows install is also fresh and very vanilla.

    Sorry,

    Wayne