github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-06 19:08:59 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

Login breaks back button on Firefox, history -2 auth #2595

New Issue
Closed
opened 2025-11-11 15:10:17 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-11 15:10:17 -06:00
Owner
Copy Link

Originally created by @Immortality-IMT on GitHub (Nov 8, 2024).

Bug Report

Installation Method: git clone, build a docker image, docker compose up

  • Open WebUI: v0.3.35
  • Ollama: v0.4.0
  • Operating System: Linux Mint 22
  • Browser (if applicable): Firefox 131.0.3 (64-bit)

Expected Behavior:

The user has not logged in, so hitting auth the back button in Firefox bounces back to log in, rather it should go to the previous page.

Actual Behavior:

The user has not logged in, in auth hitting the back button bounces back to the login page.

Description

Hit the link on website1 and OpenWebUI auto logs in if creditials are saved, else it redirects to the login page. In Chrome hitting the back button returns to website1, in firefox it bounces, attempts to auto-login again and re-displays the login page. Hitting the back button then does not return to website1 but attempts to auto log in again and then re-redirects to the same login page and the back button gets stuck. This only occurs in Firefox and it is fixed in Chrome.

Make a html link and go to openwebui, make sure login creditials are not saved and then push the back button.

The issue is in the auth section of the code. In open webui when the their is no login it redirects to auth page and then pressing the back button keeps redirecting to the auth page and not going back -2, for instance, website1 -> opwenwebui -> no login redirects to auth page, back button repeat the redirect and does not return to website 1.

                                        if (sessionUser) {
						// Save Session User to Store
						await user.set(sessionUser);
					} else {
						// Redirect Invalid Session User to /auth Page
						localStorage.removeItem('token');
window.history.replaceState(null, '', '/auth');   // perhaps add this
						await goto('/auth');
					}

Check for Redirection Loops: Before redirecting to the /auth page, the code checks if the current path is already /auth. This prevents the redirection loop.

Use history.replaceState: Instead of just calling goto('/auth'), the code uses history.replaceState to replace the current history entry. This helps in maintaining the correct navigation stack.

Originally created by @Immortality-IMT on GitHub (Nov 8, 2024). # Bug Report Installation Method: git clone, build a docker image, docker compose up - Open WebUI: v0.3.35 - Ollama: v0.4.0 - Operating System: Linux Mint 22 - Browser (if applicable): Firefox 131.0.3 (64-bit) ## Expected Behavior: The user has not logged in, so hitting auth the back button in Firefox bounces back to log in, rather it should go to the previous page. ## Actual Behavior: The user has not logged in, in auth hitting the back button bounces back to the login page. ## Description Hit the link on website1 and OpenWebUI auto logs in if creditials are saved, else it redirects to the login page. In Chrome hitting the back button returns to website1, in firefox it bounces, attempts to auto-login again and re-displays the login page. Hitting the back button then does not return to website1 but attempts to auto log in again and then re-redirects to the same login page and the back button gets stuck. This only occurs in Firefox and it is fixed in Chrome. Make a html link and go to openwebui, make sure login creditials are not saved and then push the back button. The issue is in the auth section of the code. In open webui when the their is no login it redirects to auth page and then pressing the back button keeps redirecting to the auth page and not going back -2, for instance, website1 -> opwenwebui -> no login redirects to auth page, back button repeat the redirect and does not return to website 1. ``` if (sessionUser) { // Save Session User to Store await user.set(sessionUser); } else { // Redirect Invalid Session User to /auth Page localStorage.removeItem('token'); window.history.replaceState(null, '', '/auth'); // perhaps add this await goto('/auth'); } ``` Check for Redirection Loops: Before redirecting to the /auth page, the code checks if the current path is already /auth. This prevents the redirection loop. Use history.replaceState: Instead of just calling goto('/auth'), the code uses history.replaceState to replace the current history entry. This helps in maintaining the correct navigation stack.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#2595
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?