[openstreetmap/openstreetmap-website] Add Cross-Origin-Opener-Policy header (2ff4d6a)
Tom Hughes
notifications at github.com
Mon Jul 7 18:25:34 UTC 2025
So in the case of https://osmlab.github.io/osm-auth/ it looks like the problem is that final redirect page is trying to access the parent page to pass the authorization code back but I can't see any value for the COOP header that would allow that while not allowing the parent to interfere with the authorisation window.
I don't know about Rapid or Overpass but the user experience of that osm-auth popup is absolutely horrible in any case...
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/commit/2ff4d6a4e633e479568572090eb6a16074103cd9#commitcomment-161613216
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/commit/2ff4d6a4e633e479568572090eb6a16074103cd9/161613216 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20250707/8030b83b/attachment.htm>
More information about the rails-dev
mailing list