aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2018-04-03 21:58:11 -0700
committerzotlabs <mike@macgirvin.com>2018-04-03 21:58:11 -0700
commit8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e (patch)
treef0a103c6691d30c5237c21eefd1da5af6bb8f5aa
parent29b377d4c56763807d514a0e192cd12dd717f45d (diff)
downloadvolse-hubzilla-8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e.tar.gz
volse-hubzilla-8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e.tar.bz2
volse-hubzilla-8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e.zip
disable the oauth2testvehicle completely until it is safe
-rw-r--r--Zotlabs/Module/Oauth2testvehicle.php4
1 files changed, 3 insertions, 1 deletions
diff --git a/Zotlabs/Module/Oauth2testvehicle.php b/Zotlabs/Module/Oauth2testvehicle.php
index a724dc549..5ae278e8c 100644
--- a/Zotlabs/Module/Oauth2testvehicle.php
+++ b/Zotlabs/Module/Oauth2testvehicle.php
@@ -11,6 +11,8 @@ namespace Zotlabs\Module;
class OAuth2TestVehicle extends \Zotlabs\Web\Controller {
function init() {
+
+ killme();
// If there is a 'code' and 'state' parameter then this is a client app
// callback issued after the authorization code request
@@ -20,7 +22,7 @@ class OAuth2TestVehicle extends \Zotlabs\Web\Controller {
// cookie, and compare it when the user comes back. This ensures your
// redirection endpoint isn't able to be tricked into attempting to
// exchange arbitrary authorization codes."
- $_SESSION['redirect_uri'] = 'http://hub.localhost/oauth2testvehicle';
+ $_SESSION['redirect_uri'] = z_root() . '/oauth2testvehicle';
$_SESSION['authorization_code'] = (x($_REQUEST, 'code') ? $_REQUEST['code'] : $_SESSION['authorization_code']);
$_SESSION['state'] = (x($_REQUEST, 'state') ? $_REQUEST['state'] : $_SESSION['state'] );
$_SESSION['client_id'] = (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : $_SESSION['client_id'] );