Page MenuHomePhabricator
Differential D20206

Fix Facebook login on mobile violating CSP after form redirect
ClosedPublic
Actions

Authored by epriestley on Feb 23 2019, 12:58 AM.
Tags
None
Referenced Files
F20647106: D20206.id48246.diff
Sun, Jun 21, 2:28 AM
Unknown Object (File)
Apr 4 2026, 11:02 PM
Unknown Object (File)
Mar 29 2026, 1:25 PM
Unknown Object (File)
Mar 14 2026, 1:43 PM
Unknown Object (File)
Mar 2 2026, 4:33 AM
Unknown Object (File)
Feb 26 2026, 9:13 AM
Unknown Object (File)
Feb 22 2026, 9:22 AM
Unknown Object (File)
Jan 31 2026, 9:39 PM
View All Files
Subscribers
None

Details

Reviewers
amckinley
Maniphest Tasks
T13254: "Login with Facebook" may fail CSP after redirect to "m.facebook.com"
Commits
rP701a9bc339b9: Fix Facebook login on mobile violating CSP after form redirect
Summary

Fixes T13254. See that task for details.

Test Plan

Used iOS Simulator to do a login locally, didn't get blocked. Verified CSP includes "m.facebook.com".

Diff Detail

Repository
rP Phabricator
Branch
fb1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 22101
Build 30194: Run Core Tests
Build 30193: arc lint + arc unit

Event Timeline

epriestley created this revision.Feb 23 2019, 12:58 AM
Harbormaster completed remote builds in B22101: Diff 48244.Feb 23 2019, 1:00 AM
epriestley requested review of this revision.Feb 23 2019, 1:00 AM
amckinley added inline comments.Feb 23 2019, 2:11 AM
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Is this just incidentally dead code you're removing?

amckinley accepted this revision.Feb 23 2019, 2:15 AM
amckinley added inline comments.
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
117–127

Yeah it looks dead to me and grep.

This revision is now accepted and ready to land.Feb 23 2019, 2:15 AM
epriestley added a comment.Feb 23 2019, 2:35 AM

Yeah, sorry, no callsites per grep. And probably won't work without changes in a T6703 world anyway, since there might plausibly be multiple Facebook auth providers.

Closed by commit rP701a9bc339b9: Fix Facebook login on mobile violating CSP after form redirect (authored by epriestley). · Explain WhyFeb 23 2019, 1:25 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
applications/
auth/
provider/
19 lines

Diff 48244

View Options

src/applications/auth/provider/PhabricatorFacebookAuthProvider.php

Loading...
Phabricator · Built by Phacility