Skip to content

Fix oauth client redirect #17411

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rullzer merged 1 commit into from
Oct 7, 2019
Merged

Fix oauth client redirect #17411

rullzer merged 1 commit into from
Oct 7, 2019

Conversation

@kinolaev
Copy link
Member

@kinolaev kinolaev commented Oct 4, 2019

Problem: Chrome prevents redirect to oauth redirect url because of CSP 'form-action' on grant page. Firefox allows redirect from form submission responses but Chrome doesn't (see MDN, W3C).
Solution: allow oauth redirect url in CSP.

@kinolaev kinolaev force-pushed the fix-oauth2-redirect branch from 10ac2fd to 5c8f82f Compare October 4, 2019 17:08
@kesselb kesselb added this to the Nextcloud 18 milestone Oct 4, 2019
rullzer
rullzer approved these changes Oct 4, 2019
View reviewed changes
Copy link
Member

@rullzer rullzer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice catch!
For bonus point tests would be cool! 😉

@kinolaev
fix oauth client redirect
1b5d85a 
Signed-off-by: Sergej Nikolaev <[email protected]>
@kinolaev kinolaev force-pushed the fix-oauth2-redirect branch from 5c8f82f to 1b5d85a Compare October 4, 2019 18:09
@kinolaev
Copy link
Member Author

kinolaev commented Oct 4, 2019

Hello @rullzer! Thank you for quick reply, I fixed a test.

@kesselb kesselb mentioned this pull request Oct 5, 2019
Closed
@kinolaev
Copy link
Member Author

kinolaev commented Oct 7, 2019

Hello @ChristophWurst, can you please review this small patch? Oauth authentication doesn’t work for now in Chrome.

@rullzer rullzer merged commit a02a626 into nextcloud:master Oct 7, 2019
@rullzer
Copy link
Member

rullzer commented Oct 7, 2019

/backport to stable17

@backportbot-nextcloud backportbot-nextcloud bot mentioned this pull request Oct 7, 2019
Merged
@backportbot-nextcloud
Copy link

backportbot-nextcloud bot commented Oct 7, 2019

backport to stable17 in #17438

@JamesDAdams
Copy link

JamesDAdams commented Oct 24, 2020

Same error with nextcloud 20 in Chrome and new Edge browser

@Robbendebiene Robbendebiene mentioned this pull request Jan 17, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rullzer rullzer rullzer approved these changes

@ChristophWurst ChristophWurst ChristophWurst approved these changes

Assignees

No one assigned

Labels

3. to review Waiting for reviews bug feature: authentication

Projects

None yet

Milestone

Nextcloud 18.0.0

Development

Successfully merging this pull request may close these issues.

5 participants

@kinolaev @rullzer @JamesDAdams @ChristophWurst @kesselb