diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2009-11-11 07:59:00 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-11-11 07:59:00 -0800 |
| commit | 1df77ecb4d90bd74dddab2a700180be40a9e6071 (patch) | |
| tree | 87018339c6aa84a6a59671368e273f88318a77f2 /projecttemplates/WebFormsRelyingParty/Members/OAuthAuthorize.aspx | |
| parent | 5e21bc06b16e6c4bed2a9c29294b1203bd92bd3c (diff) | |
| download | DotNetOpenAuth-1df77ecb4d90bd74dddab2a700180be40a9e6071.zip DotNetOpenAuth-1df77ecb4d90bd74dddab2a700180be40a9e6071.tar.gz DotNetOpenAuth-1df77ecb4d90bd74dddab2a700180be40a9e6071.tar.bz2 | |
Bug fixes and updated db creation script with new OAuth tables.
Diffstat (limited to 'projecttemplates/WebFormsRelyingParty/Members/OAuthAuthorize.aspx')
| -rw-r--r-- | projecttemplates/WebFormsRelyingParty/Members/OAuthAuthorize.aspx | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/projecttemplates/WebFormsRelyingParty/Members/OAuthAuthorize.aspx b/projecttemplates/WebFormsRelyingParty/Members/OAuthAuthorize.aspx index 720c4b2..3106b7a 100644 --- a/projecttemplates/WebFormsRelyingParty/Members/OAuthAuthorize.aspx +++ b/projecttemplates/WebFormsRelyingParty/Members/OAuthAuthorize.aspx @@ -1,20 +1,39 @@ <%@ Page Title="" Language="C#" MasterPageFile="~/Site.Master" AutoEventWireup="true" CodeBehind="OAuthAuthorize.aspx.cs" Inherits="WebFormsRelyingParty.Members.OAuthAuthorize" %> -<asp:Content ID="Content1" ContentPlaceHolderID="head" runat="server"> -</asp:Content> <asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="server"> <h2> - Client authorization</h2> + Client authorization + </h2> <p> The <asp:Label ID="consumerNameLabel" runat="server" Text="(app name)" /> application is requesting to access the private data in your account here. Is that alright with you? </p> - <asp:Button ID="yesButton" runat="server" Text="Yes" - onclick="yesButton_Click" /> - <asp:Button ID="noButton" runat="server" Text="No" - onclick="noButton_Click" /> - <asp:HiddenField runat="server" ID="csrfCheck" EnableViewState="false" /> + <div style="display: none" id="responseButtonsDiv"> + <asp:Button ID="yesButton" runat="server" Text="Yes" OnClick="yesButton_Click" /> + <asp:Button ID="noButton" runat="server" Text="No" OnClick="noButton_Click" /> + <asp:HiddenField runat="server" ID="csrfCheck" EnableViewState="false" /> + </div> + <div id="javascriptDisabled"> + <b>Javascript appears to be disabled in your browser. </b>This page requires Javascript + to be enabled to better protect your security. + </div> + + <script language="javascript" type="text/javascript"> + //<![CDATA[ + // we use HTML to hide the action buttons and Javascript to show them + // to protect against click-jacking in an iframe whose javascript is disabled. + document.getElementById('responseButtonsDiv').style.display = 'block'; + document.getElementById('javascriptDisabled').style.display = 'none'; + + // Frame busting code (to protect us from being hosted in an iframe). + // This protects us from click-jacking. + if (document.location !== window.top.location) { + window.top.location = document.location; + } + //]]> + </script> + </asp:Content> |