Page MenuHomePhabricator
Create Task
Maniphest T342153

Display errors for invalid callback URLs
Open, Needs TriagePublic
Actions

Description

Current behavior

If a user provides an invalid callback URL, Special:AppManagement returns a generic "Request failed" error.

Expected behavior

If a user provides an invalid callback URL, Special:AppManagement should display the error message from the OAuth extension to the user, so they can fix their callback URL. In addition to providing a helpful error message, provide guidance in Special:AppManagement to help users submit a valid URL (T266355).

Callback URL requirements for OAuth 2

  • OAuth 2 callback URLs must use the HTTPS scheme
  • The callback URL must point to a server you own
  • OAuth 2 apps must use an exact callback URL. A bare domain is probably not what you want.

References

Related Objects

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL