KorAP / Kalamar

:octopus: Mojolicious-based Frontend for KorAP
BSD 2-Clause "Simplified" License

Sign redirect to remove OpenRedirect attack vector #166

Closed Akron closed 1 year ago

Akron commented 2 years ago

The server-side redirect based on the OAuth client registration should be signed to avoid open redirect attacks.
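
One way to sign and verify such a redirect target, as an added example that is not Kalamar's own code: an HMAC-SHA256 over the client id and the registered redirect URI is attached when the target is issued and checked before the server redirects. The secret, the token layout, the helper names and all sample values are assumptions constructed for illustration.

```perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Assumption: server-side secret; in practice loaded from protected configuration.
my $SECRET = 'constructed-demo-secret';

# Constant-time comparison so the MAC check does not leak through timing.
sub secure_eq {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# MAC over client id and URL, so a signed target is valid for one client only.
sub mac_for {
    my ($client_id, $url) = @_;
    return hmac_sha256_hex(join("\0", $client_id, $url), $SECRET);
}

# Called when the redirect target is read from the stored client registration.
sub sign_redirect {
    my ($client_id, $url) = @_;
    return mac_for($client_id, $url) . '.' . $url;
}

# Called right before redirecting; returns the URL, or undef if it must be refused.
sub verify_redirect {
    my ($client_id, $token) = @_;
    return undef unless defined $token && $token =~ /\A([0-9a-f]{64})\.(.+)\z/s;
    my ($mac, $url) = ($1, $2);
    return secure_eq($mac, mac_for($client_id, $url)) ? $url : undef;
}

# Constructed sample values.
my $token = sign_redirect('client-123', 'https://client.example/callback');
my @cases = (
    ['valid',          'client-123', $token],
    ['changed target', 'client-123', substr($token, 0, 65) . 'https://other.example/'],
    ['other client',   'client-999', $token],
    ['unsigned',       'client-123', 'https://client.example/callback'],
);
for my $case (@cases) {
    my ($label, $client, $value) = @$case;
    my $url = verify_redirect($client, $value);
    printf "%-15s => %s\n", $label, defined $url ? "redirect to $url" : 'refused';
}
```

Only the first case yields a redirect; a target that was changed after signing, presented for a different client, or never signed is refused before any `Location` header is sent.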