Avoid using Facebook garbage fragment to complete login

Facebook adds a nonsense fragment to all redirect URIs when returning a code. This stops a fragments being surreptitiously passed through the authorization flow.

See http://stackoverflow.com/questions/7131909/facebook-callback-appends-to-return-url

Before this change, the presence of Facebook's garbage fragment would break the Swagger UI complete page, as having any fragment value at all will cause the complete page to ignore the query string. This change avoids using the fragment if it looks to be useless.

src/main/html/o2c.html

@@ -1,6 +1,6 @@
 <script>
 var qp = null;
-if(window.location.hash) {
+if(window.location.hash && window.location.hash !== "#_=_") {
   qp = location.hash.substring(1);
 }
 else {
@@ -17,4 +17,4 @@ else
     window.opener.onOAuthComplete(qp);
 
 window.close();
-</script>
+</script>