My site has a _redirects
file that contains a redirect to an API, as described in “Proxy to another service.” Below is an example.
/api/* https://api.mydomain.com/api/:splat 200!
Generally, this works as expected. We are integrating a new authentication flow that causes problems. The browser issues a request that gets proxied. That request has query parameters. The server responds with a 302 with the Location header set to a URL with no query parameters. Netlify adds the original query parameters back onto the response. This is not expected and breaks the flow in a very bad way. Below is an example.
-
Start request
GET https://my-app.netlify.app/api/oauthCallback?code=aaaaa&state=abc123
-
Proxied request
GET https://api.mydomain.com/api/oauthCallback?code=aaaaa&state=abc123
-
Response
302 Location https://my-app.netlify.app
-
Proxied response
302 Location https://my-app.netlify.app?code=aaaaa&state=abc123
Is there a way to not include query parameters for this case?