Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
37,094 Commits 188 Branches 500 Tags 870 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
David Taylor cf60de59b1 FIX: Allow omniauth confirmation page to pass through GET parameters 
Using the rails `form_tag` helper generates a form with the action attribute set to the current URL (without parameters). In this case, we want to include any GET parameters, so it is better to exclude the action attribute from the form tag, and allow browsers to submit to the current URL.
 2020-01-08 15:31:51 +00:00
David Taylor d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092) 
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
 2019-10-08 12:10:43 +01:00
David Taylor 213b7d19d9 UX: Fallback to unlocalized auth provider name if required 2019-08-13 01:22:02 +01:00
David Taylor 3b8c468832 SECURITY: Require POST with CSRF token for OmniAuth request phase 2019-08-08 11:58:00 +01:00