Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Invalid
-
None
-
None
-
None
Description
I was able to reproduce this with a gadget using OAuth 1.0a. The OAuthCallbackServlet returns some javascript which calls window.opener... Before the change to the OAuth popup code window.opener was the gadget window, however now it is the container. So the variable gadgets.io.oauthReceivedCallbackUrl_ is never actually set in the gadget window, only in the container. The oauthReceivedCallbackUrl_ contains parameters that may be necessary when making requests for resources protected by oauth and the provider may reject them if they are missing.