Mercurial > prosody-modules
diff mod_http_oauth2/html/consent.html @ 5568:540beba5b75b
mod_http_oauth2: Always show list of requested scopes
Upon further reflection, these are probably too important to hide behind
a <details> thing.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 25 Jun 2023 11:12:07 +0200 |
parents | b45d9a81b3da |
children | 8de02381e80a |
line wrap: on
line diff
--- a/mod_http_oauth2/html/consent.html Sun Jun 25 00:00:02 2023 +0200 +++ b/mod_http_oauth2/html/consent.html Sun Jun 25 11:12:07 2023 +0200 @@ -14,6 +14,7 @@ <h1>{site_name}</h1> <fieldset> + <form method="post"> <legend>Authorize new application</legend> <p>A new application wants to connect to your account.</p> <dl> @@ -29,6 +30,11 @@ {client.policy_uri& <dt>Policy</dt> <dd><a href="{client.policy_uri}">View policy</a></dd>} + + <dt>Requested permissions</dt> + <dd>{scopes# + <input class="scope" type="checkbox" id="scope_{idx}" name="scope" value="{item}" checked><label class="scope" for="scope_{idx}">{item}</label>} + </dd> </dl> <p>To allow <em>{client.client_name}</em> to access your account @@ -36,10 +42,6 @@ select 'Allow'. Otherwise, select 'Deny'. </p> - <form method="post"> - <details><summary>Requested permissions</summary>{scopes# - <input class="scope" type="checkbox" id="scope_{idx}" name="scope" value="{item}" checked><label class="scope" for="scope_{idx}">{item}</label>} - </details> <input type="hidden" name="user_token" value="{state.user.token}"> <button type="submit" name="consent" value="denied">Deny</button> <button type="submit" name="consent" value="granted">Allow</button>