cf60de59b1
FIX: Allow omniauth confirmation page to pass through GET parameters
...
Using the rails `form_tag` helper generates a form with the action attribute set to the current URL (without parameters). In this case, we want to include any GET parameters, so it is better to exclude the action attribute from the form tag, and allow browsers to submit to the current URL.
2020-01-08 15:31:51 +00:00
d2bceff133
FEATURE: Use full page redirection for all external auth methods ( #8092 )
...
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.
For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
d407bcab36
FIX: Correctly escape category description text ( #8107 )
...
* FIX: Correctly escape category description text
This bug has been introduced in db14e109437ad338e3e6/app/models/theme.rb (L237-L242)
2019-10-01 12:04:39 -04:00
213b7d19d9
UX: Fallback to unlocalized auth provider name if required
2019-08-13 01:22:02 +01:00
3b8c468832
SECURITY: Require POST with CSRF token for OmniAuth request phase
2019-08-08 11:58:00 +01:00
a6eca28ec6
CSP - extract all other inline JavaScripts ( #6528 )
...
* wizard page inline js
* print topic inline js
* drop JS for preventing double submission
this is the default behavior with Rails' UJS `disable_with` helper
* omniauth complete redirect JS
* account activate inline js
2018-10-25 09:52:01 -04:00
f08995c390
Remove unused code lines
2017-12-29 12:32:18 +05:30
66e53f449a
UX: Auth complete page/modal has a link to continue to the site to accomodate auth methods that can't automatically redirect to Discourse
2017-11-21 13:56:19 -05:00
cef64e8f03
UX: Use `no_ember` styling for omniauth error page
2017-11-15 14:04:26 -05:00
f7c303c82e
FIX: If there's no `window.opener` use the localStorage method for login
2016-07-08 14:45:34 -04:00
eff2865278
FIX: Support create account on facebook browser
2016-06-10 11:12:46 -04:00
171dbd4b09
Allow redirects on Facebook Browser
2016-06-09 15:51:46 -04:00
f6eb5e823b
Temporarily remove FB browser redirect
2016-06-09 15:35:17 -04:00
ba5993ae79
FIX: Invalid escaping of URL
2016-06-09 15:10:21 -04:00
4730c82b3a
FIX: Detect `window.opener`
2016-06-09 14:51:38 -04:00
eee15dfe7f
FIX: On facebook browser, don't close the window but redirect instead
2016-06-09 14:20:44 -04:00
b6c2aa13e6
clean up implementation of non frame login / registration
2015-10-13 14:49:09 +11:00
fab51496cb
correct full screen login feature
2015-10-13 13:11:49 +11:00
b3aebca406
FEATURE: allow auto provider to specify "full screen login"
...
this feature means we attempt to log in without opening a frame.
2015-10-13 12:23:34 +11:00
57e3323663
redirect back to base uri if there is no window opener.
2015-10-13 12:03:43 +11:00
b4960d48b4
Better support for passing up errors when OmniAuth fails after auth
2015-06-24 12:12:43 -04:00
4762b4ac24
FIX: on completion of external auth, window.close may fail because of iOS Safari bug. Prompt user to manually close the window.
2014-10-15 11:00:34 -04:00
075002a6d5
refactoring the plugin interfaces to allow for better extensible
2013-08-26 12:59:17 +10:00
9bf5e31f94
some more extracted strings for translation
2013-03-03 23:00:16 +01:00
ad5a5b4866
This commit adds a callback route to handle omniauth failure and removes a few unneccessary entries in en.yml
2013-02-14 18:08:40 -08:00
9189d937f7
move all logic to omniauth
...
implement omniauth-facebook / omniauth-twitter
2013-02-13 15:08:38 +08:00
David Taylor
Jarek Radosz
Kyle Zhao
Vinoth Kannan
Neil Lalonde
Robin Ward
Sam
Kuba Brecka
Jesse Pollak
xdite