Page MenuHomePhabricator
Differential D20206

Fix Facebook login on mobile violating CSP after form redirect
ClosedPublic
Actions

Authored by epriestley on Feb 23 2019, 12:58 AM.
Tags
None
Referenced Files
F19467833: D20206.diff
Sat, Jan 3, 6:14 PM
F19313968: D20206.id48246.diff
Thu, Dec 25, 1:58 AM
F19082924: D20206.id48246.diff
Dec 2 2025, 12:27 PM
F19045373: D20206.id.diff
Nov 27 2025, 7:17 AM
F19040208: D20206.diff
Nov 26 2025, 11:34 AM
F18985043: D20206.id48244.diff
Nov 17 2025, 12:51 PM
F18978939: D20206.diff
Nov 16 2025, 9:01 PM
F18812541: D20206.id.diff
Oct 20 2025, 10:16 AM
View All Files
Subscribers
None

Details

Reviewers
amckinley
Maniphest Tasks
T13254: "Login with Facebook" may fail CSP after redirect to "m.facebook.com"
Commits
rP701a9bc339b9: Fix Facebook login on mobile violating CSP after form redirect
Summary

Fixes T13254. See that task for details.

Test Plan

Used iOS Simulator to do a login locally, didn't get blocked. Verified CSP includes "m.facebook.com".

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley created this revision.Feb 23 2019, 12:58 AM
Harbormaster completed remote builds in B22101: Diff 48244.Feb 23 2019, 1:00 AM
epriestley requested review of this revision.Feb 23 2019, 1:00 AM
amckinley added inline comments.Feb 23 2019, 2:11 AM
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Is this just incidentally dead code you're removing?

amckinley accepted this revision.Feb 23 2019, 2:15 AM
amckinley added inline comments.
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Yeah it looks dead to me and grep.

This revision is now accepted and ready to land.Feb 23 2019, 2:15 AM
epriestley added a comment.Feb 23 2019, 2:35 AM

Yeah, sorry, no callsites per grep. And probably won't work without changes in a T6703 world anyway, since there might plausibly be multiple Facebook auth providers.

Closed by commit rP701a9bc339b9: Fix Facebook login on mobile violating CSP after form redirect (authored by epriestley). · Explain WhyFeb 23 2019, 1:25 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
applications/
auth/
provider/
19 lines

Diff 48246

View Options

src/applications/auth/provider/PhabricatorFacebookAuthProvider.php

Loading...
Phabricator · Built by Phacility