问题
To my knowledge, in Google's authentication code flow it is required for the redirect_uri to be 'postmessage' instead of a URI.
Could anyone explain what this value is specifically doing?
My best explanation is that it tells the browser to return to where the post came from, but I have no documentation to back this assumption up.
There seems to be zero documentation on this topic, yet it is the given solution in most scenarios. Any clarification would be nice.
回答1:
There's a bit of (old) documentation here: https://developers.google.com/+/sign-in-faq that shows this is a Google+ Signin specific parameter to be used with Javascript apps:
REDIRECT_URI If a URL is present you are using the web redirect approach. To take full advantage of Google+ Sign-In features, consider using the JS widget approach. With the JS approach, the value of redirect_uri should be postmessage.
Basically the redirect_uri
value does not get used by the JS widget so it functions as an empty value.
来源:https://stackoverflow.com/questions/51106569/what-is-the-purpose-of-postmessage-in-a-redirect-uri