I am currently using the latest stable VS Code version on Windows 10 (ver 20H2, build 19042.1826) with the

The app starts up, I can hit breakpoints, etc. all good. However, this app uses a 3rd party service to authenticate and authorize users (from ArcGIS Online) and it seems the "file:///C:/path/to/root/index.html" url is not allowed to be redirected back to from the authentication service page.

My Google-fu is failing me here and I can't seem to figure out how this would work. Has anyone experienced such an issue before? Is it possible to use a "http://localhost" url on some port here instead?

The authentication service disallows setting a redirect url which has a "file:///" scheme.

CodePudding user response：

In order to avoid exposing users to open redirector attacks, developers must register one or more redirect URLs for the application. The authorization server must never redirect to any other location. You can try adding a redirect URI according to this doc.

IMO, file:/// scheme may not work, so I suggest you use a http://localhost url since only http and https are mentioned in the doc.

CodePudding user response：

To resolve this issue, I followed the guidance in @yu-zhou's comments above. My solution was to use the Live Server VS Code extension to host and run the app locally. I set the "NoBrowser" setting in Live Server to "true" so that a new browser instance would not be launched on Live Server startup. I then configured as follows:

{
    "name": "Edge: Debug app",
    "request": "launch",
    "type": "msedge",
    "url": "http://localhost:5500/my-app/index.html",
    "runtimeArgs": ["--disable-web-security"],
    "skipFiles": ["<node_internals>/**", "**/*.com*/**"]
}