Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
H
H
Homakov2012-07-03 20:53:50
Ruby on Rails
Homakov, 2012-07-03 20:53:50

How to get rid of default OAuth Callback Forgery?

homakov.blogspot.com/2012/07/saferweb-most-common-oauth2.html
who would solve the problem without leaving the parameter optional?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
L
larikov, 2012-07-03
@larikov

This article describes the solution.
You are supposed to send special optional param 'state' - any random hash you get back by Provider in User's callback: ?code=123&state=HASH. Before adding OAuth account you MUST verify session[state] is equal params[state].

Similar questions
K
Karina2015-04-18 18:33:44
Can you help me understand the syntax? 1Reply
D
Daniel2542015-04-22 17:45:00
How to drill down on Unicorn's memory usage? 1Reply
S
Sergey Goryachev2017-04-17 17:05:15
Is it possible to painlessly change Home Page to My Page in Redmine? 1Reply
A
Anton Misyagin2015-04-24 12:54:23
How to make backup and fog friends? 2Reply
H
hardwin2017-04-19 14:27:35
Tips for a beginner rubist on pre-junior employment, what to look for? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question