Closed BarcoMasile closed 2 weeks ago
Right now only nonce value gets checked during the login process. We need to also add state parameter verification. Hopefully as part of a CSRF protection implementation.
nonce
state
Thank you for reporting us your feedback!
The internal ticket has been created: https://warthogs.atlassian.net/browse/IAM-920.
This message was autogenerated
Description
Right now only
nonce
value gets checked during the login process. We need to also addstate
parameter verification. Hopefully as part of a CSRF protection implementation.