直到最近,我网站的用户才能够通过 OAuth 从 Google 导入数据。然而,最近他们在授权时收到了下面黄色框中的警告(尽管导入仍然有效)。
我也在 Facebook 的 GMail 验证器上注意到了同样的警告!
有什么变化/我错过了什么?
This website is registered with Google to make authorization requests, but has not been configured to send requests securely.
If you grant access but you did not initiate this request at www.foo.com, it may be possible for other users of www.foo.com to access your data. We recommend you deny access unless you are certain that you initiated this request directly with www.foo.com.
(该站点是用 Zope/Python 编写的,但我缺少的步骤/文档更为重要)
最佳答案
您是否尝试使用谷歌搜索错误消息?这样做把我带到了this page ,其中指出:
Registered with enhanced security: Registered applications with a security certificate on file can use secure tokens. The Access Request page removes cautions, displaying this message: " Google is not affiliated with , and we recommend that you grant access only if you trust the site."
有关更多详细信息,请参阅他们的文档,第 4 步“上传安全证书”。
关于python - 如何通过 Google OAuth 安全地请求数据?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/1572450/