gdurelle
commented
7 years ago Well for me it the reverse :D Works with https, not http. Would be better to add HSTS on the server and keep everything HTTPS
Open ineffyble opened 7 years ago
gdurelle
commented
7 years ago Well for me it the reverse :D Works with https, not http. Would be better to add HSTS on the server and keep everything HTTPS
fhemberger
commented
7 years ago @Gargron Would it be enough to switch on config.force_ssl = true in production to make the bridge HTTPS only and fix this issue?
If you access it on https, which works, the callback URI it provides is invalid.