mmerickel
commented
11 years ago Okay, just to confirm douban is now using OAuth 2.0.
Can you explain why you've removed the CSRF checks from the weibo login?
Closed lxneng closed 11 years ago
mmerickel
commented
11 years ago Okay, just to confirm douban is now using OAuth 2.0.
Can you explain why you've removed the CSRF checks from the weibo login?
lxneng
commented
11 years ago Sorry! my mistake, I misunderstand that weibo is not supported state parameters. and i have added CSRF checks to weibo login now, please merge it, thanks! :-)
mmerickel
commented
11 years ago Thanks again for the PR!
fix douban, qq, renren and weibo login