Cacheability Metadata Leakage Error on SAML Login with Samlauth and r4032 Redirect Module

We have encountered the same with 3.10 version.

Also checked that changes from https://git.drupalcode.org/project/samlauth/-/commit/b938d0c56d5319c07ce... started to trigger the warning.

There is also related discussion on even if it's older https://lab.civicrm.org/dev/drupal/-/issues/173

What I could say about our site is that it's fully behind authentication so user gets redirected to SAML login when accessing homepage or any page. If this helps.

nsciacca → closed merge request !25

I read through all the other issues like 3232577 → and did a traceback and found the same issue as reported, it's the destination param and the URL generation that's leaking the data. Using the example in the Lullabot article I updated the call to the Url class to include the TRUE flag for collecting the metadata and returning the generated url. Available for testing in the MR. Here's a link to the patch as well: https://git.drupalcode.org/project/samlauth/-/merge_requests/26/diffs.patch

Thanks @nsciacca, the patch works for me.

Thank you this also fixes my issue.

Thank you for fixing this. The fix is exactly as it should be. 🐛 Redirect after login not correct when using base_path Fixed should never have been committed as-is, especially since the main maintainer of this module (me) is probably the one making the most noise about these errors, and possibly the only one spamming people's logs.

(
By the way, I'm not even sure that the warning is accurate anymore, since 📌 Exception in EarlyRenderingControllerWrapperSubscriber is a DX nightmare, remove it Needs work has been unceremoniously committed, after waiting in limbo for 8 years. I'll have to read up on the current situation / re-test which exact circumstances would still make Core trigger such a "leaked cacheability metadata" exception.
)

Automatically closed - issue fixed for 2 weeks with no activity.