ai/at
1
0
Fork 0
Code Wiki Activity
Files
88cfcdb073074b20ba4a032ffc6495b288555462
at/patching/170-pds-oauth-same-site-fix.patch
syui 8b26cf9452 fix patch
2026-02-16 01:23:52 +09:00

12 lines
801 B
Diff
Raw Blame History

diff --git a/packages/oauth/oauth-provider/src/router/create-authorization-page-middleware.ts b/packages/oauth/oauth-provider/src/router/create-authorization-page-middleware.ts
--- a/packages/oauth/oauth-provider/src/router/create-authorization-page-middleware.ts
+++ b/packages/oauth/oauth-provider/src/router/create-authorization-page-middleware.ts
@@ -74,7 +74,7 @@
// @TODO Consider removing this altogether to allow hosting PDS and app on
// the same site but different origins (different subdomains).
- validateFetchSite(req, ['same-origin', 'cross-site', 'none'])
+ validateFetchSite(req, ['same-origin', 'same-site', 'cross-site', 'none'])
validateFetchMode(req, ['navigate'])
validateFetchDest(req, ['document'])
validateOrigin(req, issuerOrigin)
View Git Blame Copy Permalink