Jaiku's OAuth implementation follows the OAuth 1.0 specification which was
deemed to be
susceptible to a session fixation attack (c.f.
http://oauth.net/advisories/2009-1). An update to the
specification (OAuth 1.0 Revision A: http://oauth.net/core/1.0a) has been
issued to address this,
mainly adding the oauth_verifier parameter.
Original issue reported on code.google.com by jonasnoc...@gmail.com on 10 Aug 2009 at 11:16
Original issue reported on code.google.com by
jonasnoc...@gmail.comon 10 Aug 2009 at 11:16