cli/auth at 23dfeff84ff33ffb5269fe732daa4a2acc11ec99 - STACKITGit/cli

History

Mislav Marohnić 71d3696667 Avoid redirecting to `localhost` during authorization flow Web developers who have previously ran an application on `http://localhost` that enabled HSTS (HTTP Strict Transport Security) will find themselves unable to authenticate because their browser (typically Safari, in practice) will keep redirecting them to `https://localhost`, which isn't handled by our local server. This switches the authorization callback to be to `127.0.0.1`, which should be equivalent to `localhost`, but not subject to HSTS.	2020-03-13 13:40:04 +01:00
..
oauth.go	Avoid redirecting to `localhost` during authorization flow	2020-03-13 13:40:04 +01:00

Mislav Marohnić 71d3696667 Avoid redirecting to localhost during authorization flow

Web developers who have previously ran an application on
`http://localhost` that enabled HSTS (HTTP Strict Transport Security)
will find themselves unable to authenticate because their browser
(typically Safari, in practice) will keep redirecting them to
`https://localhost`, which isn't handled by our local server.

This switches the authorization callback to be to `127.0.0.1`, which
should be equivalent to `localhost`, but not subject to HSTS.

2020-03-13 13:40:04 +01:00

oauth.go Avoid redirecting to localhost during authorization flow 2020-03-13 13:40:04 +01:00