Instant loading should default to window.location on 4xx status code #3886
Description
Contribution guidelines
- I've read the contribution guidelines and wholeheartedly agree
I want to suggest an idea and checked that ...
- ... to my best knowledge, my idea wouldn't break something for other users
- ... the documentation does not mention anything about my idea
- ... there are no open or closed issues that are related to my idea
Description
Our organisation protects our static sites behind authentication based on a token stored as a cookie. This is implemented via lambda@edge on cloudfront, but equally applies to any other proxy that supports authentication. When the cookie / token expires, the XHR requests used by the instant integration silently fails and navigation breaks. I would expect this to be a fairly common use case, such as those used by backstage.io and private GitHub pages deployments in GHE.
The recommendation is to have the instant integration fallback to setting the window location, which would allow any proxies to correctly handle the redirects required to refresh the tokens, or to at least fail with an unauthorised error so the user knows what is going on, instead of silently failing.
Use Cases
- Enable authenticated (private) sites to correctly handle oidc flows or other auth flows that cannot be handled via XHR (such as browser redirects)
- Enable the user to react to the error condition if the server renders error pages. As of right now, there is no no 5B3D tification / toast, etc, that would alert the user as to why navigation is not functioning.
Screenshots / Mockups
No response