This language was requested by Brian. EHL
> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf > Of Marius Scurtescu > Sent: Thursday, April 29, 2010 5:39 PM > To: OAuth WG > Subject: [OAUTH-WG] same-origin policy > > Section 3.5.1, version 01, says: "These clients cannot keep client secrets > confidential and the authentication of the client is based on the user-agent's > same-origin policy." > > I don't think that the same-origin policy comes into play in this case. > Authentication of the client is based only on the end-user validating the > redirection URI. > > Marius > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
