Re: [OAUTH-WG] Redirect URIs in draft-ietf-oauth-security-topics

Indeed, we shall fix that. Am 11.05.20 um 20:43 schrieb Brian Campbell: > I suspect it was an unintentional oversight in the Security BCP and > that it should be updated to allow for it. > > On Mon, May 11, 2020 at 10:03 AM Aaron Parecki > wrote: > > The Security

Re: [OAUTH-WG] Redirect URIs in draft-ietf-oauth-security-topics

I suspect it was an unintentional oversight in the Security BCP and that it should be updated to allow for it. On Mon, May 11, 2020 at 10:03 AM Aaron Parecki wrote: > The Security BCP has pretty clear language around requiring exact matching > of redirect URIs now. > > >

[OAUTH-WG] Redirect URIs in draft-ietf-oauth-security-topics

The Security BCP has pretty clear language around requiring exact matching of redirect URIs now. https://tools.ietf.org/html/draft-ietf-oauth-security-topics-15#section-2.1 However the Native Apps BCP has an exception for localhost URIs to allow variable ports.