Agree with Aaron that this errata should be rejected. On Wed, Nov 29, 2023 at 10:57 AM Aaron Parecki <aaron= [email protected]> wrote:
> This errata should be rejected, as section 4.2.2.1 is about the implicit > flow, which returns parameters in the fragment part of the URL, not query > parameters. > > > On Wed, Nov 29, 2023 at 11:51 AM RFC Errata System < > [email protected]> wrote: > >> The following errata report has been submitted for RFC6749, >> "The OAuth 2.0 Authorization Framework". >> >> -------------------------------------- >> You may review the report below and at: >> https://www.rfc-editor.org/errata/eid7715 >> >> -------------------------------------- >> Type: Editorial >> Reported by: Alex Wilson <[email protected]> >> >> Section: 4.2.2.1 >> >> Original Text >> ------------- >> >> HTTP/1.1 302 Found >> Location: https://client.example.com/cb#error=access_denied&state=xyz >> >> Corrected Text >> -------------- >> >> HTTP/1.1 302 Found >> Location: https://client.example.com/cb?error=access_denied&state=xyz >> >> Notes >> ----- >> For query parameters, the hash should be a question mark. >> >> Instructions: >> ------------- >> This erratum is currently posted as "Reported". (If it is spam, it >> will be removed shortly by the RFC Production Center.) Please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party >> will log in to change the status and edit the report, if necessary. >> >> -------------------------------------- >> RFC6749 (draft-ietf-oauth-v2-31) >> -------------------------------------- >> Title : The OAuth 2.0 Authorization Framework >> Publication Date : October 2012 >> Author(s) : D. Hardt, Ed. >> Category : PROPOSED STANDARD >> Source : Web Authorization Protocol >> Area : Security >> Stream : IETF >> Verifying Party : IESG >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
