Allow any valid (per RFC 3986) scheme name in OAuth callback URLs
authorMendhak <mendhak@hotmail.com>
Sat, 23 Apr 2011 09:29:49 +0000 (10:29 +0100)
committerTom Hughes <tom@compton.nu>
Wed, 11 May 2011 21:23:06 +0000 (22:23 +0100)
Changed the callback_url regex so that you can have custom schemes such
as myapp: or my-lovely-app: instead of just http and https. This should
help with mobile development where users can authorize with OSM in their
browser and are automatically redirected to the registered app.

app/models/client_application.rb

index 09eec40d3e5f020a4445282a485a312d98a6590c..63c46a46fd9bf5eef548552106a9d3780c68d460 100644 (file)
@@ -9,7 +9,7 @@ class ClientApplication < ActiveRecord::Base
   
   validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
   validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
-  validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
+  validates_format_of :callback_url, :with => /\A([a-z]){1}([\w0-9\.\+\-])*:\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
 
   attr_accessor :token_callback_url