Azure AD B2C customization template errors

Question

I deleted my storage account which held the folder containing the B2C sign-in/sign-up policy custom UI files. Realizing my mistake, I created a new storage account and uploaded the policy files. I updated the paths in the policy configuration. Now, when clicking login, instead of the Microsoft form I get:

An unhandled exception occurred while processing the request.

InvalidOperationException: Invalid non-ASCII or control character in header: 0x000D
Microsoft.AspNetCore.Server.Kestrel.Internal.Http.FrameHeaders.ThrowInvalidHeaderCharacter(char ch)

I set a breakpoint in OpenIdConnectOptionsSetup_OnRemoteFailure where the context exception reveals:

Message contains error: 'server_error', error_description:
'AADB2C90047: The resource 'https://{StorageAccount}.blob.core.windows.net/loginui/customlogin.html' contains script errors preventing it from being loaded.
Correlation ID: fc9f9ac5-14bc-4af4-992c-a2cf0050316d
Timestamp: 2017-10-24 15:10:00Z', error_uri: 'error_uri is null'.

However, this error doesnt make much sense when the template looks like this:

<!DOCTYPE html>
<html>
   <head>
       <title>!Add your title here!</title>
   </head>
   <body>
       <div id="api"></div>
   </body>
</html>

I'm new to Azure, so I'm sure I'm missing something obvious. I just need the templates to work again.

@srm can you please upvote Chris' answer and flag the question as answered? — Saca, Oct 27 '17 at 16:52

Chris Padgett · Answer 1 · 2017-10-27T06:38:43.920

15

(Adding answer for completeness.)

Azure AD B2C loads the page UI customization files to the end-user's browser using Cross-Origin Resource Sharing (CORS).

If the customization files are deployed to a storage account, then this requires you to allow CORS on the storage account, as documented here.

You can test then whether CORS has been allowed as required as documented here.

edited Oct 27 '17 at 06:38

answered Oct 27 '17 at 06:19

Chris Padgett

14,186
1
15
28

Thanks for this. I wanted the customization files to be hosted within the app; had to add a CORS directive for Azure AD B2C into the app configuration. Your answer supplied the clues. – Rob Perkins Feb 20 '19 at 19:56

score 0 · Answer 2 · answered Apr 16 '19 at 11:54

I had the same problem. The solution is to PUT "*" in the settings of your web app. This is because after your login page call you going first to "b2clogin.com" and then return automaticly back to your web app with specific settings. But if your "CORS" setting not set, the redirection from "b2clogin.com" to your app will be restricted.

I hope it helps you.

Azure AD B2C customization template errors

2 Answers2