use addtoken false for cflocation in case projects not enforcing it

Author: justincarter

webskin/a0Login/displayLogin.cfm

@@ -51,7 +51,7 @@ START WEBSKIN
 		<cfif isdefined("url.logout")>
 			<cfoutput><p class="error">You are logged out. <a href="/index.cfm?type=gudLogin&view=displayLogin">Login again</a></p></cfoutput>
 		<cfelseif isdefined("url.code") and isdefined("session.testAuth0")>
-			<cflocation url="/webtop/index.cfm?id=admin.security.auth0ud.status&testlogin=2&code=#url.code#" />
+			<cflocation url="/webtop/index.cfm?id=admin.security.auth0ud.status&testlogin=2&code=#url.code#" addtoken="false" />
 		<cfelseif isdefined("url.code") and not isdefined("stParam.message")>
 			<cfset stParam = application.security.processLogin() />
 			<cfif stParam.authenticated and not request.mode.profile>