Open ArdentZeal opened 9 years ago
how does the AuthenticationController.loginThirdParty look like?
I am also interested in this, ran in to this same issue today. @ArdentZeal
It's actually the first time I've ran into any issue at all with passport, and have used passport for a while now. So, just wanted to add this comment to say thanks for a great package @jaredhanson.
Hello there,
I am using passport with the local, facebook, github module and angularjs in my application.
With the standard passport behaviour, I get a redirect header which the browser tries to follow. Passport code below
The problem is, that this automatic redirect call violates CORS policy and so will not be successful.
XMLHttpRequest cannot load ##skipped url##. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ##skipped url## is therefore not allowed access.
There is no way to prevent the redirect in the application, because it is done by the browser before the response is hitting the angularjs client.
WORKAROUND:
I have built a functional workaround (read: hack) to implement that feature nonetheless, but I would like to discuss a way to implement it into the framework without the need to hack the response object
my proposal would be a setting on passport, to send redirect urls to the client via data, maybe
options.clientHandlesRedirect = true;
Kind regards