Limit the redirect-uri's that are permitted to certain URI's (probably passed in by ENV variables for now).
This will prevent users from sending auth.dogehouse.online/github/login?redirect_uri=https://mymalicioussite.com
To unsuspecting users and thereby snatching their auth token.
Limit the redirect-uri's that are permitted to certain URI's (probably passed in by ENV variables for now). This will prevent users from sending
auth.dogehouse.online/github/login?redirect_uri=https://mymalicioussite.comTo unsuspecting users and thereby snatching their auth token.