Fix default next param value #3

Closed
marksteve opened this Issue Mar 26, 2013 · 3 comments

Comments

Projects
None yet
2 participants
@marksteve
Contributor

marksteve commented Mar 26, 2013

No description provided.

@joshkendrick

This comment has been minimized.

Show comment Hide comment
@joshkendrick

joshkendrick Sep 15, 2013

@marksteve is this the issue where if the user tries to go a @login_required view without first being logged in and not having accepted the permissions before, they'll get into be continuously redirected between oauth2callback and the @login_required view they were trying to access?

Just asking because it's an issue i've run into today, and ive been trying to solve it but havent made any progress. i was going to report it, but it looks like this might be the same issue.

@marksteve is this the issue where if the user tries to go a @login_required view without first being logged in and not having accepted the permissions before, they'll get into be continuously redirected between oauth2callback and the @login_required view they were trying to access?

Just asking because it's an issue i've run into today, and ive been trying to solve it but havent made any progress. i was going to report it, but it looks like this might be the same issue.

@marksteve

This comment has been minimized.

Show comment Hide comment
@marksteve

marksteve Sep 15, 2013

Contributor

@joshkendrick Sorry for the late reply. This issue is more about filtering the next param for security (i.e. some might make use of the next param to redirect users to a phishing site after login).

Contributor

marksteve commented Sep 15, 2013

@joshkendrick Sorry for the late reply. This issue is more about filtering the next param for security (i.e. some might make use of the next param to redirect users to a phishing site after login).

@joshkendrick

This comment has been minimized.

Show comment Hide comment
@joshkendrick

joshkendrick Sep 16, 2013

@marksteve gotcha. I'll report this other issue I was seeing separately.

@marksteve gotcha. I'll report this other issue I was seeing separately.

@marksteve marksteve closed this Oct 7, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment