Closed hober closed 4 years ago
If you restrict the target of the redirect to same origin, it becomes crippled in federated login environments.
I don't think this is necessary, I agree with this counterpoint: https://news.ycombinator.com/item?id=18618930
@jbtule, @othermaciej okay, I'm sold. Closing.
See https://news.ycombinator.com/item?id=18618534