2

We've been using pow to easily spin up local development servers for our platform. However, Google recently broke all .dev domains in chrome by requiring them to have SSL certificates. Anvil worked around this by switching to .test domains instead of .dev. This worked for the most part, but we figured out that Google won't let you use a .test domain as a valid OAuth 2.0 callback.

Does anyone have any clue how we could solve this without scrapping anvil/pow or OAuth 2.0?

Jacob Jackson
  • 21
  • 1
  • 5

1 Answers1

0

I'm using xip.io as my workaround at the moment.

E.g. for an app that you used to access using http://blog.dev instead use http://blog.127.0.0.1.xip.io.

This works to access the pow app but also is allowed as a Google OAuth redirect url because it's a .io domain.

This is a very annoying issue. Especially since google were the ones who made .dev unusable in chrome by automatically upgrading it to https...

roryhughes
  • 632
  • 5
  • 5
  • 1
    Agreed. Yeah we just ended up scrapping oauth locally and logging in the old fashioned way. Definitely a frustrating decision from Google. – Jacob Jackson Feb 02 '18 at 22:31