Open michael-oneill opened 5 years ago
I agree there should be a user opt-in for this.
If the server increases the default or raises scope from same-origin the user should be notified, and given a chance to refuse.
I agree there should be a user opt-in for this.
If the server increases the default or raises scope from same-origin the user should be notified, and given a chance to refuse.