0 Replies Latest reply on Dec 27, 2017 6:52 AM by KevinVl86

    Issue integrating with Phonegap Build through the OAuth Developer API in Chrome

    KevinVl86

      Hi,

      We're running into an issue integrating with Phonegap Build through the OAuth Developer API.

      We ask the user to authorize our service to access Phonegap Build through his account. We have registered a client, and at some point we redirect the user to https://build.phonegap.com/authorize?client_id=abcdef, as per the documentation. There, they click on 'Yes', after which they are supposed to be redirected to our application.

      Screenshot 2017-12-27 15.41.32.png

      This always worked like a charm, until recently it broken when using Chrome. This shows up in the Chrome dev console:

       

      Refused to load the script 'data:application/javascript;base64,dmFyIF9zYXRlbGxpdGU9e3BhZ2VCb3R0b206IGZ1bmN0aW9uKCl7f X07IGZ1bmN0aW9uIHNfZ2koKXtyZXR1cm4gc19vbXRyfTsgZnVuY3Rpb24gc19hY2NvdW50KCl7fTsgdmFyIHNfb21 0ciA9IHt9OyBzX29tdHIudCA9IGZ1bmN0aW9uKCl7fTsgc19vbXRyLnRsID0gZnVuY3Rpb24oKXt9Ow==' because it violates the following Content Security Policy directive: "script-src 'self' *.adobe.com *.doubleclick.net ssl.google-analytics.com api.demandbase.com *.typekit.net *.adobedtm.com 'unsafe-inline' adobe.tt.omtrdc.net".

       

      cjo5ipu.js Failed to load resource: net::ERR_BLOCKED_BY_CLIENT

       

      authorize:1 Refused to send form data to '<our service url>' because it violates the following Content Security Policy directive: "form-action 'self' bitbucket.org github.com gitlab.com *.adobelogin.com *.adobe.com".

       

      Does anyone else experience this as well? Any ideas as to how to fix this?

       

      Thanks,

      Kevin