This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
OAuth 2.0 Security-Closing Open Redirectors in OAuth
OAuth 2.0 Security-Closing Open Redirectors in OAuth

Version management

Difference between version and

At line 1 added 238 lines
!!! Overview [1]
[{$pagename}] is an [Internet Draft] for a [Best Current Practice] which gives additional security considerations for [OAuth], beyond those in the [OAuth 2.0] specification [RFC 6749] and in the OAuth 2.0 Threat Model and Security Considerations [RFC 6819].
In particular focuses attention on the risk of abuse the [Authorization Server] ([AS]) (Section 1.2) as an [open redirector|Unvalidated redirects and forwards].
[{$pagename}] contains the following content:
* Describes the [Authorization Server] Error Response as defined in [RFC 6749].
* Describes the risk of abuse the [Authorization Server] as an open redirector.
* Gives some mitigation details on how to hinder the risk of open redirector in the [Authorization Server].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [OAuth 2.0 Security: OAuth Open Redirector|https://tools.ietf.org/html/draft-bradley-oauth-open-redirector-02|target='_blank'] - based on information obtained 2018-03-21-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop