[openstreetmap/openstreetmap-website] Add Cross-Origin-Opener-Policy header (2ff4d6a)
Harel M
notifications at github.com
Thu Jul 10 09:43:48 UTC 2025
I've looked at the code changes made in other libraries but I'm not sure I understand how one knows that the popup window was closed and that the login flow needs to be cancelled.
Have any of you found a solution to this scenario?
I'm using an updated "private" version of osm-oauth since I also need to support capacitor login flow, which is a bit different, I can contribute to osm-auth if there's an interest there.
Here's the problem in my code with the recent change in security - the `popup.closed` is returning true now when redirecting the popup to the OSM login page, which prevent me to know if the window was actually closed and login was cancelled by the user.
https://github.com/IsraelHikingMap/Site/blob/360d968921cae4c0b355936b2710587f4dbc4881/IsraelHiking.Web/src/application/services/authorization.service.ts#L120
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/commit/2ff4d6a4e633e479568572090eb6a16074103cd9#commitcomment-161835429
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/commit/2ff4d6a4e633e479568572090eb6a16074103cd9/161835429 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20250710/bf7786d2/attachment-0001.htm>
More information about the rails-dev
mailing list