Re: [openstreetmap/openstreetmap-website] Add Cross-Origin-Opener-Policy header (2ff4d6a)

Tom Hughes via rails-dev Mon, 07 Jul 2025 11:27:14 -0700

So in the case of https://osmlab.github.io/osm-auth/ it looks like the problem 
is that final redirect page is trying to access the parent page to pass the 
authorization code back but I can't see any value for the COOP header that 
would allow that while not allowing the parent to interfere with the 
authorisation window.


I don't know about Rapid or Overpass but the user experience of that osm-auth 
popup is absolutely horrible in any case...

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/commit/2ff4d6a4e633e479568572090eb6a16074103cd9#commitcomment-161613216
You are receiving this because you are subscribed to this thread.

Message ID: 
<openstreetmap/openstreetmap-website/commit/2ff4d6a4e633e479568572090eb6a16074103cd9/161613...@github.com>

_______________________________________________
rails-dev mailing list
rails-dev@openstreetmap.org
https://lists.openstreetmap.org/listinfo/rails-dev

Re: [openstreetmap/openstreetmap-website] Add Cross-Origin-Opener-Policy header (2ff4d6a)

Reply via email to