Safari on mobile devices and possibly desktop devices throws HTTP 421 errors for perfectly valid CDN URLs like https://food-access-images-cdn.azureedge.net/production/6cb808d2-5e77-480c-a114-f13034c92397.png . It causes people to be entirely unable to view images on Apple devices. Can you fix this issue? It's entirely explained here https://serverfault.com/a/938265 if you need to give your development team every detail they need to fix it.
Thank you,
Shane
Ok, where can I address Apple?
Also, yes, I realize I didn't completely explain the bug, but it's outlined in the serverfault link. Essentially if you have two different images coming from two different domains using the same SSL certificate (like domain1.azureedge.net and domain2.azureedge.net), Safari tries to connect to the second domain using the same TLS connection from the first domain with the first domain in the SNI Header. Safari gets back a 421 Error because Azure considers that domain fronting, a security risk. Then Safari never retries the connection. We're probably going to consolidate to a single CDN domain, but it's still a pretty glaring issue so I thought I'd at least share as other browsers seem to reconnect gracefully, but on Safari no file ever loads.
Ok, where can I address Apple?
Also, yes, I realize I didn't completely explain the bug, but it's outlined in the serverfault link. Essentially if you have two different images coming from two different domains using the same SSL certificate (like domain1.azureedge.net and domain2.azureedge.net), Safari tries to connect to the second domain using the same TLS connection from the first domain with the first domain in the SNI Header. Safari gets back a 421 Error because Azure considers that domain fronting, a security risk. Then Safari never retries the connection. We're probably going to consolidate to a single CDN domain, but it's still a pretty glaring issue so I thought I'd at least share as other browsers seem to reconnect gracefully, but on Safari no file ever loads.
Hi,
We recently started using Azure Front Door and experienced the same issue as you described it. It doesn't reproduce on other browsers so far (Chrome, Firefox and Edge).
Have you found a solution so far, without merging your domains into one?
For what it's worth that image loads without complaint on my devices.
You are not addressing Apple on this site anyway.
I found this old page to post a bug report Feedback - Safari - Apple, hopefully it gets fixed.
👍
Safari causing HTTP 421 Errors
