[openstreetmap/openstreetmap-website] OAuth2 form-action CSP error (Issue #3424)
Tom Hughes
notifications at github.com
Mon Jan 17 10:23:56 UTC 2022
Have you already authorized the application? What happens if you remove that authorization - does it work then?
I suspect what is happening is that login is redirecting to authorize which is then redirecting to your callback because the application was already authorized and the browser is applying the original policy from login rather than the one send by the redirect to authorize.
That's a pain because it means reducing the policy for login even more :-(
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3424#issuecomment-1014362221
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/3424/1014362221 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20220117/a1f50933/attachment-0001.htm>
More information about the rails-dev
mailing list