Google+登录 - 未捕获引发SecurityError [英] Google+ Sign-In - Uncaught SecurityError
问题描述
我实施Google+登录的混合动力/一次性AUTH code流量和体验在登录提示后,Chrome浏览器的JS控制台,这个错误并授予应用程序的权限,presumably当谷歌的code试图调用回按钮:
I'm implementing Google+ Sign-In's hybrid / one-time auth code flow and experiencing this error in Chrome's JS console after the sign-in prompts and granting the app permission, presumably when Google's code tries to call back to the button:
未捕获引发SecurityError:访问与出身https://accounts.google.com框架封闭出身https://ww2.fa.org的框架。协议,域和端口必须匹配。
这似乎并不在Safari或者IE和Firefox中,有时会出现一个类似的权限错误发生,但是可重复的,往往不是在Chrome中。刷新的登录按钮框(继谷歌端后提示)通常会导致刷新按钮知道的登录成功的成功处理程序的调用...它应该的总是的无刷新的工作,但少了点。
This does not seem to occur in Safari or IE and a similar permission error occurs sometimes in Firefox, but is reproducible more often than not in Chrome. Refreshing the frame with the sign-in button (after following the google-side prompts) will usually result in the refreshed button "knowing" that the sign-in was successful a call to the success handler... it should always work without a refresh, but just doesn't.
有什么想法?该标志的地点为 https://ww2.fa.org/gauth/ 并只要求电子邮件的范围,如果你重新倾向于看看!
Any thoughts? The sign-in is at https://ww2.fa.org/gauth/ and it only requests the email scope if you're inclined to take a look!
推荐答案
我摆脱这种错误信息的方法是添加 https://accounts.google.com 到授权的JAVASCRIPT源下API和放云开发者控制台您的OAuth用户端设置; AUTH - >证书
The way I got rid of this error message is to add https://accounts.google.com to the AUTHORIZED JAVASCRIPT ORIGINS in your OAuth client settings in Cloud Developers Console under API & auth -> Credentials.
更新
这其实并没有解决它,问题重新抬头时,我转而使用 gapi.auth.signIn 而不是 gapi.login的。渲染。如在 G- OAuth的窗口的属性把它发送到后端,当 authResult 。除去参数或送我的,你只需要固定它的属性。
That actually didn't fix it and the problem resurfaced again when I switched to using gapi.auth.signIn instead of gapi.login.render. The problem as described in the comments in this post was that serialization of the g-oauth-window attribute of the authResult when sending it to your backend. Removing that parameter or sending just the attributes you need fixed it for me.
var signInCallback = function(authResult) {
delete authResult['g-oauth-window'];
ajaxCallToBackend(authResult);
};
希望这有助于。
这篇关于Google+登录 - 未捕获引发SecurityError的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
