HomePhabricator
Diffusion Phabricator 9356a993a8a0

(stable) Perform a client-side redirect after OAuth server authorization
9356a993a8a0
Actions

Description

(stable) Perform a client-side redirect after OAuth server authorization

Summary:
Ref T13099. See that task for discussion. Chrome is unhappy with an MFA form submitting to an endpoint which redirects you to an OAuth URI.

Instead, do the redirect entirely on the client.

Chrome's rationale here isn't obvious, so we may be able to revert this at some point.

Test Plan: Went through the OAuth flow locally, was redirected on the client. Will verify in production.

Maniphest Tasks: T13099

Differential Revision: https://secure.phabricator.com/D19177

Details

Provenance
epriestleyAuthored on Mar 6 2018, 6:25 PM
epriestleyPushed on Mar 6 2018, 8:19 PM
Differential Revision
D19177: Perform a client-side redirect after OAuth server authorization
Parents
rPe43f2e0cee09: (stable) Don't emit Content-Security-Policy when returning a response during…
Branches
Unknown
Tags
Unknown
Tasks
T13099: Plans: 2018 Week 10 Bonus Content
Build Status
Buildable 19750
Build 26751: Run Core Tests

Changes (3)

PathSize
resources/
celerity/
src/
applications/
oauthserver/
controller/
webroot/
rsrc/
js/
core/

rP9356a993a8a0

View Options

resources/celerity/map.php

Loading...
View Options

src/applications/oauthserver/controller/PhabricatorOAuthServerAuthController.php

Loading...
View Options

webroot/rsrc/js/core/behavior-redirect.js

Loading...
Phabricator · Built by Phacility