Page MenuHomePhabricator

Fix Facebook login on mobile violating CSP after form redirect
ClosedPublic

Authored by epriestley on Sat, Feb 23, 12:58 AM.

Details

Summary

Fixes T13254. See that task for details.

Test Plan

Used iOS Simulator to do a login locally, didn't get blocked. Verified CSP includes "m.facebook.com".

Diff Detail

Repository
rP Phabricator
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

epriestley created this revision.Sat, Feb 23, 12:58 AM
epriestley requested review of this revision.Sat, Feb 23, 1:00 AM
amckinley added inline comments.Sat, Feb 23, 2:11 AM
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Is this just incidentally dead code you're removing?

amckinley accepted this revision.Sat, Feb 23, 2:15 AM
amckinley added inline comments.
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Yeah it looks dead to me and grep.

This revision is now accepted and ready to land.Sat, Feb 23, 2:15 AM

Yeah, sorry, no callsites per grep. And probably won't work without changes in a T6703 world anyway, since there might plausibly be multiple Facebook auth providers.

This revision was automatically updated to reflect the committed changes.