Hides the accessToken in the URL

bocoup / nest-weekly-review

An application for managing billing data for consulting projects

http://weekly-review.bocoup.com/

1 stars 2 forks source link

Hides the accessToken in the URL #48

Closed tbranyen closed 9 years ago

tbranyen commented 9 years ago

Maintains a cleaner transition once logged in by hiding the access token sent from the oauth callback.

Not sure if this is desired, but it irked me enough to update :deciduous_tree:

jugglinmike commented 9 years ago

It also hides any other information in the query string. I don't think it's worth worrying about, though. Merged at commit fdbd4381e16ea9638a2baec92d920a995b72db97

Thanks, Tim!

jugglinmike commented 9 years ago

:deciduous_tree:

tbranyen commented 9 years ago

That is true, but that code path will only be hit from a successful oauth callback. IMO all params should be hidden from that to ensure a clean slate. I went with location.pathname so at least the path integrity will be consistent if we decide to change location root in the future.

Thanks for the merge!