I'm putting together a webapp that uses google plus signin using this guide.
I am running the webapp on localhost:8888
.
Using javascript like this, things work fine:
gapi.signin.render(thisHandle.details.buttonId, {
'callback': mySignIn,
'clientid': myClientId,
'requestvisibleactions': 'http://schemas.google.com/AddActivity',
'scope': 'https://www.googleapis.com/auth/plus.login',
'theme': 'light',
'cookiepolicy': 'single_host_origin',
'accesstype': 'offline'
});
If I change my cookiepolicy to 'http:// localhost:8888' I get:
Error: invalid_request Authority not strictly under a public suffix:
localhost
:8888Request Details
response_type=code token id_token gsession scope=https://www.googleapis.com/auth/plus.login redirect_uri=postmessage access_type=offline cookie_policy=http://
localhost
:8888 proxy=oauth2relay874392806 origin=http://localhost
:8888 state=384885884|0.12629541 client_id=[My client id] request_visible_actions=http://schemas.google.com/AddActivity authuser=0
What does Authority not strictly under a public suffix means in this context, in terms of storing user and session information? Is there a workaround that would allow me to have is running my development server? Any help much appreciated.
An origin is a unique combination of protocol, hostname, and port. In the Authorized JavaScript origins field, enter the origin for your app. You can enter multiple origins to allow for your app to run on different protocols, domains, or subdomains. You cannot use wildcards.
For your development work, you can stick with single_host_origin
or use none
(less efficient). The cookie policy is more important when your signed in user might be visiting your site on multiple protocols (http & https) or with subdomains (www.example.com and support.example.com). In those cases, you'd likely want to use the cookiepolicy of http://example.com
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With