Login with github is creating an infinite redirect loop

[NyanKiyoshi]

Hello!

I tried to login to code.django.com with my GitHub account. After authorizing django, I get redirected to https://code.djangoproject.com/github/oauth?code=[...]&state=[...] which redirects me to the same location again, and again, and aga—.

Direct link to login (if you want to test if it works or not): https://code.djangoproject.com/github/login

I cannot reproduce it on Chrome. Only on my firefox profile.

Firefox Profile

Your user agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
Other HTTP headers
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: fr,en;q=0.8,en-GB;q=0.7,en-US;q=0.5,tr;q=0.3,de;q=0.2
Host: next.duckduckgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
COOKIE: 5=2; aj=m; ad=en_US
DNT: 1
UPGRADE-INSECURE-REQUESTS: 1

Chromium Profile

Your user agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36
Other HTTP headers
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Host: duckduckgo.com
Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36
UPGRADE-INSECURE-REQUESTS: 1

---

Note: I "disable" (target URL is put instead of previous URL) HTTP referrers if the target base domain is different from the previous one.

Edit: it looks like the referrers are causing this infinite loop. Disabling this module fixes it. But this issue shouldn't occur—still.