Similar SAML requests blocked issue

Ask for help about NoScript, no registration needed to post
debugger
Posts: 2
Joined: Mon Nov 27, 2017 10:36 am

Similar SAML requests blocked issue

Post by debugger »

I read "[Resolved] SAML requests blocked" viewtopic.php?f=7&t=26677 which in the end solved my problem.

I navigated to our internal company page, which redirects to https://login.microsoftonline.com for SAML authentication after 2-Factor authentication it redirect back to the internal company page - this last step fails.

The SAML request to the internal page uses the following headers and is cross domain (obviously):
  • Fetch-Dest: document
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Site: same-origin
The reason for me turned out to be that I applied the following settings for https://login.microsoftonline.com
  • Enable these capabilities when top page matches: ...microsoftonline.com
    script
    frame
    fetch
    noscript
    lan
After reverting it to:
  • Enable these capabilities when top page matches: ANY
    script
    frame
    fetch
    noscript
    lan
A better error message in the debug console CTRL+I of Firefox would have helped me to understand WHY the SAML-request was blocked.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0