Another Windows feature update - Cakewalk logged out and can't log in

[chris.r]

No more troubles no fun (is what they think in MS?). I've just through a forced feature update, now my Cakewalk is shareware and while trying to log-in I got this:

 

edit: after several attempts I managed to log in, no idea what was going on

Edited December 29, 2022 by chris.r

[chris.r]

Could be that I helped it a bit by opening new edge tab and logging into bandlab.com just to make sure my credentials are still valid. Then the Cakewalk's login window proceeded correctly. Did it help, I don't really know but I thought I'd tell about it here in case someone stumble on the same issue.

[chris.r]

55 minutes ago, pwalpwal said:

this whole localhost process waiting for some external request ("callback") is a security issue - why doesn't the login flow use the usual request/response mechanism?

I'm not a programmer so I'm not sure this question is towards me or the developers? ?

[msmcleod]

1 hour ago, pwalpwal said:

this whole localhost process waiting for some external request ("callback") is a security issue 

Please explain how/why this is a security issue?

1 hour ago, pwalpwal said:

why doesn't the login flow use the usual request/response mechanism?

Because due to security issues, OAuth no longer supports general request/responses - well, not easily.  Google has disabled the use of embedded browsers, and raw traffic over http - unless you specifically create an "application" within the developer section of your google account, and supply the host application with the unique application/security keys.  Each individual user would have to go through this process.

By contrast, opening a browser and listening for the response is now the preferred method, as it benefits from security updates to both the operating system and the browser.