Umbraco 8.0 Login Issues
am getting junk characters in the PostLogin API Response for Umbraco login. which is causing all other api's to show a 401 unauthorized error.
Even the isAuthenticated API is returning as false.
Umbraco is hosted version and we are running 8.2.0.
It is a standard installation. the LegacyEncoding is set to true.
This is the response i am getting. The leading characters are the junk characters. Image here
)]}', ---Junk Values
{"email":"xxxxxxxxxxxxxxxxxx","locale":"en-US","emailHash":"ac88ae0de8ce43ba72dac1cd208d4e87","userGroups":[],"remainingAuthSeconds":1200.0,"startContentIds":[],"startMediaIds":[],"avatars":[],"allowedSections":[],"id":-1,"name":"xxxxxxxxxxxx"}
It's not junk, it's part of AngularJS JSON security:
"Protection from JSON Hijacking is provided if the server prefixes all JSON requests with following string ")]}',\n". AngularJS will automatically strip the prefix before processing it as JSON. For more information please visit JSON Hijacking Protection."
https://docs.angularjs.org/guide/security#json-hijacking-protection
You can also see the implementation in Umbraco source code:
- Umbraco Image upload to Media folder in ASP.NET Core Web API
- Error while upgrade from Umbraco 14 to 15
- Umbraco - Duende server OpenIDconnect: InvalidOperationException
- Compiling a 6GB site
- Adding block grid content programatically in Umbraco 13
- XSLT For-Each Wrapping every nth item in a div
- How to create a post-method in an UmbracoApiController to send an Email using SMTP
- How do you create a news archive in umbraco?
- MVC and Umbraco integration
- Umbraco 7 forms conditional questions issue
- How to set up Umbraco to default in a subpage?
- DevOps pipeline 'project.assets.json' doesn't have a target for 'net8.0'
- ExaminePDF index is empty on Umbraco site after rebuilding indexes
- Umbraco Lucene Date Field Encoding convert to .net DateTime
- Why am I getting 'Model' does not contain a definition for 'oTitle' CS1061 Umbraco (12.3.4)?
- Umbraco - Using Examine to search Umbraco.Tags
- Creating a Custom field type in Umbraco to supports the invisible enterprise reCaptcha
- Umbraco 13 Macro Parameters Rich Text Editor
- Can I create all CRUD Operations in a Surface Controller in Umbraco?
- How can I update multiple Nuget packages to a specific version at the same time?
- Umbraco Form Version 12.1.1 Not working with Google reCAPTCHA V3
- umbraco how to extend the rich text editor
- Umbraco Related Links missing after V8 upgrade
- Umbraco content problems after migrate from 7.15 to 12.3 version
- What is the correct upgrade path from Umbraco version 7 to version 12?
- Umbraco 10 : Detection of browser / userAgent on localhost
- ASP.NET web.config specific redirects with a 'catch all'
- Umbraco 12 image resize with query string on IIS problem
- Umbraco 11 Rich Text Editor Text Size Picker not showing
- Multiple widget instances with weboptimizer