projects / arvados.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: a132373) | patch
Make josh_id propagate return_to as a GET parameter, and use that GET
authorWard Vandewege <ward@clinicalfuture.com>
Fri, 25 Jan 2013 17:35:25 +0000 (12:35 -0500)
committerWard Vandewege <ward@clinicalfuture.com>
Fri, 25 Jan 2013 17:35:25 +0000 (12:35 -0500)
commit54d2df58b60ad760cbc235656b6f90744f420631
tree34bb46e44022856752c59c0de1a2d7d5bd0090ectree | snapshot
parenta1323735dcd95f440ff4f9f1c2215861d76aeb49commit | diff
Make josh_id propagate return_to as a GET parameter, and use that GET
parameter instead of session[] when redirecting in create().  Using
session[] is inappropriate: completing a login in browser window A can
cause a token to be sent to a different API client who has requested a
token in window B.
app/controllers/user_sessions_controller.rb diff | blob | history
lib/josh_id.rb diff | blob | history