Security is always a priority, thanks @tomhughes for the fix.
We've already made the corresponding
[changes](https://github.com/hotosm/tasking-manager/pull/6933) to the HOT's
Tasking Manager and login is working again.
--
Reply to this email directly or view it on GitHub:
https://github.com/o
> So in the case of https://osmlab.github.io/osm-auth/ it looks like the
> problem is that final redirect page is trying to access the parent page to
> pass the authorization code back but I can't see any value for the COOP
> header that would allow that while not allowing the parent to interfer
