Page MenuHomePhabricator

Fix Facebook login on mobile violating CSP after form redirect
ClosedPublic

Authored by epriestley on Feb 23 2019, 12:58 AM.
Tags
None
Referenced Files
F21301135: D20206.diff
Thu, Jul 9, 9:08 AM
Unknown Object (File)
Wed, Jul 8, 3:08 PM
Unknown Object (File)
Fri, Jul 3, 11:56 PM
Unknown Object (File)
Fri, Jul 3, 11:56 PM
Unknown Object (File)
Fri, Jul 3, 11:56 PM
Unknown Object (File)
Wed, Jul 1, 2:07 PM
Unknown Object (File)
Wed, Jul 1, 2:07 PM
Unknown Object (File)
Thu, Jun 25, 7:56 PM
Subscribers
None

Details

Summary

Fixes T13254. See that task for details.

Test Plan

Used iOS Simulator to do a login locally, didn't get blocked. Verified CSP includes "m.facebook.com".

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Is this just incidentally dead code you're removing?

amckinley added inline comments.
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Yeah it looks dead to me and grep.

This revision is now accepted and ready to land.Feb 23 2019, 2:15 AM

Yeah, sorry, no callsites per grep. And probably won't work without changes in a T6703 world anyway, since there might plausibly be multiple Facebook auth providers.

This revision was automatically updated to reflect the committed changes.