Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

PAUSE login fails - link in conf email gives me some JSON, refs CPAN-…

  • Loading branch information...
commit 92816c5af52ff6a8c8e4358e6ed69b1ef3df780e 1 parent 8f3d2d9
@monken monken authored
2  inc/monken/p5-elasticsearch-model
@@ -1 +1 @@
-Subproject commit cebf76929125d0895148deaa2007da61b0fad769
+Subproject commit 65be0e1926d0e482c6b2d8de03e3f37cdec4a62f
View
4 lib/Catalyst/Plugin/OAuth2/Provider.pm
@@ -139,7 +139,9 @@ sub redirect {
$c->res->cookies->{oauth_tmp} = $cid;
}
my ( $client, $redirect_uri ) = @$params{qw(client_id redirect_uri)};
- $redirect_uri = $self->clients->{$client}->{redirect_uri}->[0];
+ # we don't trust the user's redirect uri
+ $redirect_uri = $self->clients->{$client}->{redirect_uri}->[0]
+ if($client);
if ($redirect_uri) {
$c->res->redirect( $redirect_uri . "?$type=$message" );
View
7 lib/MetaCPAN/Server/Controller/Login.pm
@@ -8,8 +8,11 @@ use JSON;
sub auto : Private {
my ( $self, $c ) = @_;
if ( $c->req->params->{client_id} ) {
- $c->res->cookies->{oauth_tmp}
- = { value => encode_json( $c->req->parameters ), path => '/' };
+ $c->res->cookies->{oauth_tmp} = {
+ value => encode_json( $c->req->parameters ),
+ path => '/',
+ expires => '+7d'
+ };
}
return 1;
}
Please sign in to comment.
Something went wrong with that request. Please try again.