Infinite redirect loop on same-domain deployments

[stx-chris]

Preliminary Checks

• I have reviewed the documentation: https://clerk.com/docs
• I have searched for existing issues: https://github.com/clerk/javascript/issues
• I have not already reached out to Clerk support via email or Discord (if you have, no need to open an issue here)
• This issue is not a question, general help request, or anything other than a bug report directly related to Clerk. Please ask questions in our Discord community: https://clerk.com/discord.

Reproduction / Replay Link

N/A

Publishable key

pk_test_ZW5hYmxpbmctb3NwcmV5LTUxLmNsZXJrLmFjY291bnRzLmRldiQ

Description

This is a re-post of my comments in #1436, as I think this issue has a specific reason:

We are experiencing infinite redirects since the release of our production environment. The issue might be tied to the \\\__client_uat cookie which is available twice if both the develop and the main instance are running on the same domain.

We have the following scenario:

development on a.b.c.mysite.io
main on app.mysite.io
This is the cookie we see on main:

\\\__client_uat =
This is what we see on develop:

First cookie, domain "a.b.c.mysite.io": \\\__client_uat =
Second cookie, domain ".mysite.io": \\\__client_uat = 0
Once one has visited the main site with their browser and switches to develop to test something, the site is trapped in an infinite loop with the error referring to the said cookie, ie.

The Cookie '\\\__client_uat' has been rejected for invalid domain.

We have to painfull clear the cookies, refresh everything and refrain from accessing the live site in the same session. It never occurs on localhost. Anybody else having this issue?

(Node v18.17.0, @clerk/nextjs v4.29.3, in Docker)

Environment

System:
    OS: macOS 14.3
    CPU: (10) arm64 Apple M1 Max
    Memory: 63.23 MB / 32.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 18.17.0 - ~/.nvm/versions/node/v18.17.0/bin/node
    Yarn: 3.5.0 - ~/.nvm/versions/node/v18.17.0/bin/yarn
    npm: 9.6.7 - ~/.nvm/versions/node/v18.17.0/bin/npm
    pnpm: 8.6.2 - ~/Library/pnpm/pnpm
  Browsers:
    Chrome: 120.0.6099.216
    Safari: 17.3
  npmPackages:
    @types/node: 20.11.0 => 20.11.0

[stx-chris]

Dear team, according to the discussions on Discord a lot of people have this problem of infinite loading loops. Is there any progress on that or a mitigation strategy besides working in incognito mode or clearing all cookies beforehand?

[royanger]

Hi @stx-chris,

Unfortunately Clerk does not support using more than one instance on a single TLD at this time. There are a few things that can cause infinite redirects, but when we confirm a Discord user or anyone submitting a support request is using two or more instances on one domain we reiterate this limitation.

Some options

• You can use your production deployment on your domain, and then use a preview type domain from your host, if your host offers one, for development. IE .vercel.app
• You can use production keys for both a.b.c.mysite.io and app.mysite.io, however you would need to login at mysite.io so the cookies work smoothly for both. This would share the user base of course
• You could use a second, free Clerk app and a second domain and deploy to that for a preview type deployment

Please let me know if you have any questions.

[stx-chris]

Hi @royanger, thx for following up on this. I understand and we'll try to move the dev-environment to another domain. Please note, however, that a setup dev/test/staging/prod on the same domain is a very common pattern and other companies are facing the same issue and might not switch to other domains because one element of the toolchain cannot cope with it.

May I ask you to prioritize this issue and discuss with the team potential solutions to make it work? Thank you!

[LekoArts]

Hey,

as my colleague said it's currently not supported but we do track the request here: https://feedback.clerk.com/roadmap/b4c407a7-4514-4ff6-85f7-39a8a645397b

It's on our radar and we intent to fix it, but for now please resort to the workarounds that were given.