mohiit1502/Automata
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(core): Exclude oAuth callback urls from browser-id checks (#9158)

Browse Source
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™
2024-04-17 19:20:51 +02:00
committed by GitHub
parent 9bd8e10b35
commit 46e432b177
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
packages/cli/src/auth/auth.service.ts
View File

@@ -42,6 +42,10 @@ const skipBrowserIdCheckEndpoints = [
// We need to exclude binary-data downloading endpoint because we can't send custom headers on `<embed>` tags // We need to exclude binary-data downloading endpoint because we can't send custom headers on `<embed>` tags
`/${restEndpoint}/binary-data`, `/${restEndpoint}/binary-data`,
// oAuth callback urls aren't called by the frontend. therefore we can't send custom header on these requests
`/${restEndpoint}/oauth1-credential/callback`,
`/${restEndpoint}/oauth2-credential/callback`,
]; ];
@Service() @Service()