[Amdatu-developers] [JIRA] Updated: (AMDATU-229) Add fix for oAuth session fixation vulnerability

Ivo Ladage - van Doorn (JIRA) Fri, 14 Jan 2011 14:13:27 +0100 (CET)

     [ 
http://jira.amdatu.org/jira/browse/AMDATU-229?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ivo Ladage - van Doorn updated AMDATU-229:
------------------------------------------

    Assignee:     (was: Ivo Ladage - van Doorn)

> Add fix for oAuth session fixation vulnerability
> ------------------------------------------------
>
>                 Key: AMDATU-229
>                 URL: http://jira.amdatu.org/jira/browse/AMDATU-229
>             Project: Amdatu
>          Issue Type: Improvement
>          Components: Amdatu Auth
>    Affects Versions: 0.1.0
>            Reporter: Ivo Ladage - van Doorn
>             Fix For: 0.1.1
>
>
> See 
> http://hueniverse.com/2009/04/explaining-the-oauth-session-fixation-attack/
> A generated token should be added to the callback URL, that should fix this 
> vulnerability

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[Amdatu-developers] [JIRA] Updated: (AMDATU-229) Add fix for oAuth session fixation vulnerability

Reply via email to