Web IDE OAuth callout: use gitlab url in redirect URL example
What does this MR do and why?
When creating the Web IDE OAuth application, we rely on the gon.gitlab_url
. We should do the same when providing the redirect URL in the callout to prevent misconfigurations as there could be mismatches between window.location.origin
and gon.gitlab_url
in self-managed instances.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
Note example redirect URL in callout refers to window origin, which does not match the redirect URI. |
Example redirect URL matches expected redirect URI |
How to set up and validate locally
- Ensure Web IDE and Web IDE OAuth is enabled.
- Navigate to admin area > Applications > select
GitLab Web IDE
> edit application - Ensure callout displays correct example redirect URI
Edited by Cindy Halim