search

jaredhanson / passport-openid

OpenID authentication strategy for Passport and Node.js.
https://www.passportjs.org/packages/passport-openid/?utm_source=github&utm_medium=referral&utm_campaign=passport-openid&utm_content=about
MIT License
98 stars 85 forks source link

openid dependency 2.0.x (fixes security issue--openid 1 does not check return_to) #43

Open Poikilos opened 6 years ago

Poikilos commented 6 years ago

Pull request was not made to fix the security issue with openid version 1, so I'm making the pull request. https://github.com/jaredhanson/passport/issues/678

rwky commented 6 years ago

Forked and merged into https://github.com/passport-next/passport-openid

Install with npm install @passport-next/passport-openid

YasharF commented 4 years ago

Has the issue with openid been reported to npm using the process at https://docs.npmjs.com/reporting-a-vulnerability-in-an-npm-package ? I do not get anything in the npm audit report.