From 3e3f6b1b621d324092c767ee7c92b084fc9c0e8e Mon Sep 17 00:00:00 2001 From: Robin Ward Date: Fri, 6 Sep 2019 15:46:48 -0400 Subject: [PATCH] Revert "FIX: Auth popup handling for Safari same-site cookie quirks" This reverts commit 310a8ac2427978779c1bb31f71321bfb84688336. It seems this breaks google authentication. My suspicion is opening the URL twice invalidates the CSRF after the first access. --- app/assets/javascripts/discourse/models/login-method.js.es6 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/assets/javascripts/discourse/models/login-method.js.es6 b/app/assets/javascripts/discourse/models/login-method.js.es6 index 83e9a18a9dc..0b1260447a1 100644 --- a/app/assets/javascripts/discourse/models/login-method.js.es6 +++ b/app/assets/javascripts/discourse/models/login-method.js.es6 @@ -53,7 +53,7 @@ const LoginMethod = Ember.Object.extend({ } LoginMethod.buildPostForm(authUrl).then(form => { const windowState = window.open( - authUrl, + "about:blank", "auth_popup", `menubar=no,status=no,height=${height},width=${width},left=${left},top=${top}` );