----- Original Message ----- > From: "David Bialer" <[email protected]> > To: [email protected] > Sent: Friday, June 20, 2014 1:24:28 PM > Subject: Re: iframes vs redirects (Chris Karlof) > > Just wanted to clarify the issue - which for me is a user issue not a > security issue. > > Without getting into the how this is accomplished, what we are trying to do > is keep continuity in the task that user is trying to accomplish. > In Marketplace the 2 use cases would be: > a) the user is purchasing an app - clicks on "buy" on app details page, logs > into account (or creates new account) if needed, land on confirmation page > confirms purchase information. With the current solution, they would click > "Buy", login, and then land on the same app details page rather than > advancing to the next step in the flow.
Does this mean you've configured OAuth to redirect to the app details page upon successful authentication? Could you set a cookie to indicate the next step in the flow so that your backend could adjust the URL as needed? This would also handle the case where the user creates an account and continues the verification in a new tab. They would be able to continue where they left off from either the original tab or the new tab. Of course, if they verify in a different browser altogether the best you can do is prompt them to log in again or return to their original browser. This might not be relevant for FxOS though. > b) the user would like to leave a review - similar to above. User Clicks > review, logs in if needed, lands on review page and writes review, submits. > _______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
