jrgifford / jaikuengine

Automatically exported from code.google.com/p/jaikuengine
Apache License 2.0
1 stars 0 forks source link

Update the OAuth implementation per the OAuth 1.0 Revision A specification #132

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Jaiku's OAuth implementation follows the OAuth 1.0 specification which was 
deemed to be 
susceptible to a session fixation attack (c.f. 
http://oauth.net/advisories/2009-1). An update to the 
specification (OAuth 1.0 Revision A: http://oauth.net/core/1.0a) has been 
issued to address this, 
mainly adding the oauth_verifier parameter.

Original issue reported on code.google.com by jonasnoc...@gmail.com on 10 Aug 2009 at 11:16