On 09/23/2015 08:38 AM, Rory McGuire via Digitalmars-d-announce wrote:
Problem is right now anyone can make an app and pretend its your app, and
then ...

If the user gives your keys access to their stuff so does anyone else who
has your keys, if they can get the oauth2 redirect to redirect to a
matching url at least.

Isn't oauth/openid just kindof a big bundle of such phishing problems anyway?

Reply via email to