1 file changed +8 -3 lines changed
@@ -112,16 +112,21 @@ def do_GET(self):
112112 # For flexibility, we choose to not check self.path matching redirect_uri
113113 #assert self.path.startswith('/THE_PATH_REGISTERED_BY_THE_APP')
114114
115- # Check if this is a blank redirect (eSTS error flow where user clicked OK)
116115 qs = parse_qs (urlparse (self .path ).query )
117- if not qs or (not qs .get ('code' ) and not qs .get ('error' )):
116+ if qs .get ('code' ) or qs .get ('error' ):
117+ # GET request with auth code or error - reject for security (form_post only)
118+ self ._send_full_response (
119+ "GET method is not supported for authentication responses. "
120+ "This application requires form_post response mode." ,
121+ is_ok = False )
122+ elif not qs :
118123 # Blank redirect from eSTS error - show generic error and mark done
119124 self ._send_full_response (
120125 "Authentication could not be completed. "
121126 "You can close this window and return to the application." )
122127 self .server .done = True
123128 else :
124- # GET request with parameters (shouldn't happen with form_post, but handle gracefully)
129+ # Other GET requests - show welcome page
125130 self ._send_full_response (self .server .welcome_page )
126131 # NOTE: Don't do self.server.shutdown() here. It'll halt the server.
127132
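Review bot: The `elif not qs:` branch sets `self.server.done = True` for any GET whose parsed query is empty, so the pending sign-in can be ended by a request that carries nothing tying it to the identity provider. Because `parse_qs` drops blank values by default, `?code=` or `?error=` with an empty value also lands in this branch rather than the new reject branch, and with the path assertion above commented out, an unrelated parameterless request to the loopback port (a browser's automatic favicon fetch, for instance) appears to take the same path. Consider marking the flow done only when the request path matches the registered redirect path, e.g. `elif not qs and urlparse(self.path).path == <REGISTERED_REDIRECT_PATH>:` (placeholder), and parsing with `parse_qs(urlparse(self.path).query, keep_blank_values=True)` so empty `code`/`error` keys are still rejected. How `done` is consumed, and the start and end of `do_GET`, are outside this hunk, so the impact is inferred rather than shown.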