|
@@ -128,6 +128,13 @@ Doorkeeper.configure do
|
|
|
#
|
|
|
force_ssl_in_redirect_uri false
|
|
|
|
|
|
+ # Specify what redirect URI's you want to block during Application creation.
|
|
|
+ # Any redirect URI is whitelisted by default.
|
|
|
+ #
|
|
|
+ # You can use this option in order to forbid URI's with 'javascript' scheme
|
|
|
+ # for example.
|
|
|
+ forbid_redirect_uri { |uri| %w[data vbscript javascript].include?(uri.scheme.to_s.downcase) }
|
|
|
+
|
|
|
# Specify what grant flows are enabled in array of Strings. The valid
|
|
|
# strings and the flows they enable are:
|
|
|
#
|