Fix confirmation redirect to app without Location header (#18523)
This commit is contained in:
Eugen Rochko
GitHub
parent
3e0e7a1cfb
commit
96129c2f10
3 changed files with 12 additions and 1 deletions
|
|
@ -128,6 +128,13 @@ Doorkeeper.configure do
|
|||
#
|
||||
force_ssl_in_redirect_uri false
|
||||
|
||||
# Specify what redirect URI's you want to block during Application creation.
|
||||
# Any redirect URI is whitelisted by default.
|
||||
#
|
||||
# You can use this option in order to forbid URI's with 'javascript' scheme
|
||||
# for example.
|
||||
forbid_redirect_uri { |uri| %w[data vbscript javascript].include?(uri.scheme.to_s.downcase) }
|
||||
|
||||
# Specify what grant flows are enabled in array of Strings. The valid
|
||||
# strings and the flows they enable are:
|
||||
#
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue