Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix default next param value #3

Closed
marksteve opened this issue Mar 26, 2013 · 3 comments
Closed

Fix default next param value #3

marksteve opened this issue Mar 26, 2013 · 3 comments

Comments

@marksteve
Copy link
Contributor

No description provided.

@joshkendrick
Copy link

@marksteve is this the issue where if the user tries to go a @login_required view without first being logged in and not having accepted the permissions before, they'll get into be continuously redirected between oauth2callback and the @login_required view they were trying to access?

Just asking because it's an issue i've run into today, and ive been trying to solve it but havent made any progress. i was going to report it, but it looks like this might be the same issue.

@marksteve
Copy link
Contributor Author

@joshkendrick Sorry for the late reply. This issue is more about filtering the next param for security (i.e. some might make use of the next param to redirect users to a phishing site after login).

@joshkendrick
Copy link

@marksteve gotcha. I'll report this other issue I was seeing separately.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marksteve @joshkendrick