I am trying to authenticate using Constant Contact through OAuth2 in a popup. I use $.postMessage to send data between windows and, for the most part, works great.
My problem is with Safari. A regular request has a URL that looks like this:
https://example.com/oauth-v2/#access_token=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx&token_type=Bearer&expires_in=xxxxxxxxx
But when using Safari to execute the request, the entire hash is disconnected from the URL, and location.hash , window.location.hash , window.parent.location.hash all empty.
The authentication protocol is pretty standard:
User clicks auth button -> Popup window to auth with Constant Contact -> Allow application -> Return to app site to capture token
Here's the javascript we use to get the URL hash information
jQuery(document).ready(function($){ $.extend({ getQueryParameters : function(str) { return (str || document.location.search || document.location.hash).replace(/(^\?)|(^\#)/,'').split("&").map(function(n){return n = n.split("="),this[n[0]] = n[1],this}.bind({}))[0]; } }); $.receiveMessage(function(event){ $.postMessage($.getQueryParameters(), event.origin, event.source); setTimeout(function(){ window.close() }, 5000); }); });
Is a missing hash a known bug in Safari? Do I have to do something else to get information from constant contact? It works in any other browser, so I would not want to rewrite this part of the application.
source share