Marti Martz
Marti Martz
@Dyceman [`sameSite`](https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie) at MDN. We use this auth strategy with the `secure` attribute and `lax` value for `sameSite` [to start](https://github.com/OpenUserJS/OpenUserJS.org/blob/1e8ca74e9e02b960d87ee33b9612b74bcae0944c/app.js#L387-L388) otherwise most, if not all, of the strategies including Twitter...
Btw... > In a development environment Is your localhost https? Most aren't and use http with no certificates... but depends on your network setup.
Unfamiliar with that particular tunneling reverse proxy... perhaps they updated something in their backend or your frontend? Have you tried direct to your development environment on the same LAN? You...
Looks like #8 is similar to your issue... may want to go see what solutions were provided. Anything with [proxy](https://github.com/jaredhanson/passport-twitter/search?q=proxy&type=Issues) may lead to a solution too.
Ref: * jaredhanson/node-xtraverse/pull/2
@dougwilson Ref: [Apache MIME types](https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types) Snippet of that page: ``` text ... # The table below contains both registered and (common) unregistered types. ... application/mp4 mp4s ... audio/mp4 m4a mp4a...
Here we go for `mp4s`: Ref: https://tools.ietf.org/html/rfc6381 > "When the first element of a value is 'mp4a' (indicating some kind of MPEG-4 audio), or 'mp4v' (indicating some kind of MPEG-4...
> is that correct? Depends on the hierarchy for this projects precedence or if it's peer leveled. MPEG anything catches my eye since I've worked on it in the past....
Well it's the chicken in the egg syndrome in my book. One needs to get at the MIME type to determine if its a binary audio *(conditional a in rfc4337)*...
Is it too big of a leap to show multiple sources on merge to help alleviate confusion? CSV separated *(or pipes)* or even a new field to show the precedence...