| # |
Dec 19th 2017, 22:54 |
joop |
i spent the last 3 days to figure out how these works |
| # |
Dec 19th 2017, 22:54 |
joop |
guys i having terrible experince with anonymus functions |
| # |
Dec 19th 2017, 22:11 |
 josexato |
which is this function https://pastebin.com/yVYDsJsU |
| # |
Dec 19th 2017, 22:09 |
josexato |
I get this error "Unable to emit headers. Headers sent in file =/var/www/html/src/Controller/DishesController.php line=129" |
| # |
Dec 19th 2017, 22:08 |
josexato |
it works fine except when the rows as response to the matching characters in the select is too high |
| # |
Dec 19th 2017, 22:07 |
josexato |
Hello Good afternoon, I have this question regarding an xhr request I am sending for an autocomplete select control |
| # |
Dec 19th 2017, 21:39 |
birdy247 |
:+1: |
| # |
Dec 19th 2017, 21:39 |
admad |
@birdy247 Google already requires the redirect uri to exactly match, which is why social auth plugin doesn't modify the query string and uses session instead :slightly_smiling_face: |
| # |
Dec 19th 2017, 21:26 |
saeideng |
good night |
| # |
Dec 19th 2017, 21:09 |
dereuromark |
good find though, mapping that internally via session, db, ... should do the trick |
| # |
Dec 19th 2017, 21:09 |
dereuromark |
birdy: thats total BS. query string itself would already suffice for protections. total noobs. |
| # |
Dec 19th 2017, 21:08 |
birdy247 |
@dereuromark we can use the state :slightly_smiling_face: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/#logindialog |
| # |
Dec 19th 2017, 21:08 |
dereuromark |
what kind of annotations do they have/need? https://github.com/dereuromark/cakephp-ide-helper/issues/68 |
| # |
Dec 19th 2017, 21:07 |
dereuromark |
@mail used cells yet? |
| # |
Dec 19th 2017, 21:07 |
birdy247 |
"Strict Mode prevents hijacking of your redirect URIs by requiring an exact match from your Valid OAuth redirect URIs list. For example, if your list contains www.example.com, then Strict Mode won't allow www.example.com/token as a valid redirect. It also won't allow any extra query parameters not present in your Valid OAuth redirect URIs list." |
| # |
Dec 19th 2017, 21:03 |
birdy247 |
ill ask facebook |
| # |
Dec 19th 2017, 21:02 |
dereuromark |
it indeed would then be session that would need remembering |
| # |
Dec 19th 2017, 21:01 |
dereuromark |
everything else is otherwise really annoying |
| # |
Dec 19th 2017, 21:01 |
dereuromark |
URL is until those start usually |
| # |
Dec 19th 2017, 21:00 |
dereuromark |
did you try query strings? I would bet that this is not part of their specs |
| # |
Dec 19th 2017, 21:00 |
birdy247 |
"exactly match the Valid OAuth Redirect URIs" |
| # |
Dec 19th 2017, 20:59 |
birdy247 |
exactly |
| # |
Dec 19th 2017, 20:59 |
birdy247 |
yes |
| # |
Dec 19th 2017, 20:59 |
dereuromark |
you mean with strict that no dynamic part is allowed? |
| # |
Dec 19th 2017, 20:58 |
birdy247 |
but if facebook is mandating that the url must be strict i.e. how can I pass a query string to OAuth |
| # |
Dec 19th 2017, 20:57 |
dereuromark |
as all the rest of cake itself works :slightly_smiling_face: |
| # |
Dec 19th 2017, 20:57 |
dereuromark |
it should point to the own login with redirect query string |
| # |
Dec 19th 2017, 20:57 |
dereuromark |
the callback action is implemented wrong |
| # |
Dec 19th 2017, 20:56 |
birdy247 |
I dont follow |
| # |
Dec 19th 2017, 20:56 |
dereuromark |
as long as the query string is encoded properly |
| # |
Dec 19th 2017, 20:56 |
dereuromark |
its nested basically |
| # |
Dec 19th 2017, 20:56 |
dereuromark |
redirect=ownsite?redirect?... |
| # |
Dec 19th 2017, 20:55 |
dereuromark |
well, that was never how it should be :slightly_smiling_face: |
| # |
Dec 19th 2017, 20:55 |
birdy247 |
https://www.domain.com/hybrid-auth/endpoint?redirect=%2Fenter-race%2F816%23anchorandhauth_done=Facebook |
| # |
Dec 19th 2017, 20:55 |
birdy247 |
i.e. this used to be my redirect uri |
| # |
Dec 19th 2017, 20:54 |
birdy247 |
others will not be allowed |
| # |
Dec 19th 2017, 20:54 |
birdy247 |
the redirect url has to be set in advance |
| # |
Dec 19th 2017, 20:54 |
birdy247 |
but that wont work now will it? |
| # |
Dec 19th 2017, 20:53 |
dereuromark |
that has never changed afaik |
| # |
Dec 19th 2017, 20:53 |
dereuromark |
no, it should always return back to the login which then redirects via query string |
| # |
Dec 19th 2017, 20:53 |
birdy247 |
I guess now we will have to store this in a session or something? |