jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
a01e1bad0f0cfebfa29cbbf9cd1c7ceb27734b9d
cloudron-box/dashboard/authcallback.html
Girish Ramakrishnan 337c5412b7 oidc: remove authcallback.html from history 
this way atleast token goes away from history. part of #844
2025-07-10 14:03:29 +02:00

19 lines
551 B
HTML
Raw Blame History

<script>
const tmp = window.location.hash.slice(1).split('&');
// FIXME: implicit flow (response_type=code token) results in access_token query param. this is not secure
tmp.forEach(function (pair) {
if (pair.indexOf('access_token=') === 0) localStorage.token = pair.split('=')[1];
});
const redirectTo = '/';
if (localStorage.getItem('redirectToHash')) {
redirectTo += localStorage.getItem('redirectToHash');
localStorage.removeItem('redirectToHash');
}
window.location.replace(redirectTo); // this removes us from history
</script>
Reference in New Issue View Git Blame Copy Permalink