diff options
author | zotlabs <mike@macgirvin.com> | 2018-04-03 21:58:11 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2018-04-03 21:58:11 -0700 |
commit | 8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e (patch) | |
tree | f0a103c6691d30c5237c21eefd1da5af6bb8f5aa /Zotlabs/Module | |
parent | 29b377d4c56763807d514a0e192cd12dd717f45d (diff) | |
download | volse-hubzilla-8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e.tar.gz volse-hubzilla-8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e.tar.bz2 volse-hubzilla-8871f8d0f4b33a4ed76ce18c15b7a8fcab916d6e.zip |
disable the oauth2testvehicle completely until it is safe
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r-- | Zotlabs/Module/Oauth2testvehicle.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/Zotlabs/Module/Oauth2testvehicle.php b/Zotlabs/Module/Oauth2testvehicle.php index a724dc549..5ae278e8c 100644 --- a/Zotlabs/Module/Oauth2testvehicle.php +++ b/Zotlabs/Module/Oauth2testvehicle.php @@ -11,6 +11,8 @@ namespace Zotlabs\Module; class OAuth2TestVehicle extends \Zotlabs\Web\Controller { function init() { + + killme(); // If there is a 'code' and 'state' parameter then this is a client app // callback issued after the authorization code request @@ -20,7 +22,7 @@ class OAuth2TestVehicle extends \Zotlabs\Web\Controller { // cookie, and compare it when the user comes back. This ensures your // redirection endpoint isn't able to be tricked into attempting to // exchange arbitrary authorization codes." - $_SESSION['redirect_uri'] = 'http://hub.localhost/oauth2testvehicle'; + $_SESSION['redirect_uri'] = z_root() . '/oauth2testvehicle'; $_SESSION['authorization_code'] = (x($_REQUEST, 'code') ? $_REQUEST['code'] : $_SESSION['authorization_code']); $_SESSION['state'] = (x($_REQUEST, 'state') ? $_REQUEST['state'] : $_SESSION['state'] ); $_SESSION['client_id'] = (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : $_SESSION['client_id'] ); |