#23: Auth Code Swap Attack (CSRF)
Changes (by barryleiba@…):
* status: new => closed
* resolution: => fixed
Comment:
Consensus is to make CSRF prevention a MUST and to recommend the state
parameter as an implementation mechanism. Text will go into version -21.
--
-------------------------------------+--------------------------------------
Reporter: barryleiba@… | Owner:
Type: defect | Status: closed
Priority: major | Milestone: Deliver OAuth 2.0 spec
Component: v2 | Version:
Severity: In WG Last Call | Resolution: fixed
Keywords: |
-------------------------------------+--------------------------------------
Ticket URL: <http://trac.tools.ietf.org/wg/oauth/trac/ticket/23#comment:1>
oauth <http://tools.ietf.org/oauth/>
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
