Closed leejo closed 6 years ago
As per https://tools.ietf.org/html/rfc6749#section-10.15 and https://tools.ietf.org/html/rfc6819#section-5.2.3.5. The IETF recommend any redirect URIs be whitelisted to prevent malicious redirects.
Should maybe make this optional in the config rather than enforcing it.
Closing, unless anybody really want this.
As per https://tools.ietf.org/html/rfc6749#section-10.15 and https://tools.ietf.org/html/rfc6819#section-5.2.3.5. The IETF recommend any redirect URIs be whitelisted to prevent malicious redirects.
Should maybe make this optional in the config rather than enforcing it.