IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FIX: Auth popup handling for Safari same-site cookie quirks

Browse Source 
When opening authentication popup, start with an on-site URL. Opening "about:blank", and then POSTing the form does not send same-site=Lax cookies. Opening the popup to a page on the site domain, and then POSTing the form, works successfully.
This commit is contained in:
David Taylor 2019-08-30 17:55:18 +01:00
parent e515324afa
commit 310a8ac242
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/assets/javascripts/discourse/models/login-method.js.es6
View File

@ -53,7 +53,7 @@ const LoginMethod = Ember.Object.extend({
} }
LoginMethod.buildPostForm(authUrl).then(form => { LoginMethod.buildPostForm(authUrl).then(form => {
const windowState = window.open( const windowState = window.open(
"about:blank", authUrl,
"auth_popup", "auth_popup",
`menubar=no,status=no,height=${height},width=${width},left=${left},top=${top}` `menubar=no,status=no,height=${height},width=${width},left=${left},top=${top}`
); );