
Solving (or working around) frame-ancestors errors for OAuth2 Implicit flow #784

Closed
jeroenheijmans opened this issue Nov 13, 2018 · 3 comments

Comments

@jeroenheijmans

Hello, and thank you so much for a wonderful service! I unfortunately ran into a problem, and was wondering if a solution is available (or even possible).

My issue is demonstrated by this example StackBlitz: https://stackblitz.com/edit/angular-dkn4hf

If you click "Login" an OAuth2 Implicit Flow login sequence should be triggered, but that causes a redirect to another domain (that of the https://demo.identityserver.io/ IDS, kindly provided by IdentityServer). This is blocked; the error in the console says:

Refused to display 'https://demo.identityserver.io/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token%2520token%26client_id%3Dimplicit%26state%3DisMgG925fYSI4uStdDolTZxzURalQUF3yVKNxRdH;%25252Fhome%26redirect_uri%3Dhttps%253A%252F%252Fangular-dkn4hf.stackblitz.io%252Findex.html%26scope%3Dopenid%2520profile%2520email%26nonce%3DisMgG925fYSI4uStdDolTZxzURalQUF3yVKNxRdH' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

This makes perfect sense to me, but to test OAuth flows you'd really need this.

Is there a way to configure a StackBlitz to allow this kind of behavior?

I can however imagine it being blocked for security reasons, and if that's the case I wouldn't be sad if it's just not possible. However, then I'd ask: is there some way to host a NodeJS-based test OAuth2 server inside the StackBlitz itself?
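The refusal quoted above is the browser enforcing the frame-ancestors directive sent by the identity provider, which forbids any page from framing it. As an added example (not code from the issue, from StackBlitz or from IdentityServer), here is a small JavaScript checker that applies the CSP frame-ancestors source-matching rules to predict whether a given embedding origin would be allowed; path matching is omitted as an assumption, and the header strings and URLs in the checks are constructed from the values in the issue.

```javascript
// Predict whether a page served with `cspHeader` may be framed by a page at
// `ancestorUrl`. Handles 'none', 'self', scheme sources (https:), and host
// sources with optional scheme, wildcard subdomain and port. Path parts of
// host sources are not compared (assumption made to keep the example short).

function parseFrameAncestors(cspHeader) {
  // Directives are separated by ';', tokens inside a directive by whitespace.
  for (const directive of cspHeader.split(';')) {
    const tokens = directive.trim().split(/\s+/).filter(Boolean);
    if (tokens.length && tokens[0].toLowerCase() === 'frame-ancestors') {
      return tokens.slice(1);
    }
  }
  return null; // no frame-ancestors directive: CSP does not restrict framing
}

function hostMatches(pattern, host) {
  if (pattern === '*') return true;
  if (pattern.startsWith('*.')) {
    const suffix = pattern.slice(1); // "*.example.com" -> ".example.com"
    return host.endsWith(suffix) && host.length > suffix.length;
  }
  return pattern === host;
}

function sourceMatches(source, page, ancestor) {
  const src = source.toLowerCase().replace(/^'|'$/g, ''); // strip quotes
  if (src === 'none') return false;
  if (src === 'self') return page.origin === ancestor.origin;
  if (/^[a-z][a-z0-9+.-]*:$/.test(src)) return ancestor.protocol === src;
  const m = src.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?([^:/]+)(?::(\d+|\*))?$/);
  if (!m) return false;
  const [, scheme, hostPattern, port] = m;
  if (scheme) {
    if (ancestor.protocol !== scheme + ':') return false;
  } else if (ancestor.protocol !== page.protocol &&
             !(page.protocol === 'http:' && ancestor.protocol === 'https:')) {
    return false; // schemeless source: same scheme, or http page framed by https
  }
  if (!hostMatches(hostPattern, ancestor.hostname)) return false;
  if (port && port !== '*') {
    const def = ancestor.protocol === 'https:' ? '443' : '80';
    if (port !== (ancestor.port || def)) return false;
  }
  return true;
}

function canBeFramedBy(cspHeader, pageUrl, ancestorUrl) {
  const sources = parseFrameAncestors(cspHeader);
  if (sources === null) return true;
  const page = new URL(pageUrl), ancestor = new URL(ancestorUrl);
  return sources.some((s) => sourceMatches(s, page, ancestor));
}
```

Running the checker with the issue's header and origins reproduces the refusal, and shows which directive the provider would need to send to allow a specific embedding origin (for example `frame-ancestors 'self' https://*.stackblitz.io`).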

@apai4
Member

apai4 commented Nov 16, 2018

@jeroenheijmans Thanks for letting us know about this! It looks like we're currently unable to view other domains using the preview frame that's embedded within the editor. A workaround for this is you can open up the preview in its own tab/window detached from the editor: https://angular-dkn4hf.stackblitz.io/ then the auth flow and redirects work properly, and you'll still be able to see your app update as you make changes in the editor. Lmk if this works for you!

@jeroenheijmans
Author

@apai4 Yes, thank you. The workaround seems to work, that'll do for now ❤️ 👍

@purplem1lk
Contributor

@jeroenheijmans Thanks for letting us know about this! It looks like we're currently unable to view other domains using the preview frame that's embedded within the editor. A workaround for this is you can open up the preview in its own tab/window detached from the editor: angular-dkn4hf.stackblitz.io then the auth flow and redirects work properly, and you'll still be able to see your app update as you make changes in the editor. Lmk if this works for you!

This issue has been resolved and will be closed accordingly. If this issue persists, feel free to tag me or ask to reopen this issue with screenshots of the error. Thank you! :)
