- changed status to new
Java Script Clients and CORS
Issue #2032
resolved
Java Scripts clients are not only clients who honor the CORS (Cross Origin Resource Sharing) policies. The same applies for Web Assemble (WASM) clients as well. Hence, I suggest replacing Java Script Clients with Web Clients.
The UserInfo Endpoint SHOULD support the use of Cross-Origin Resource Sharing (CORS) [CORS] and/or other methods as appropriate to enable Java Script Clients to access it.
Pls, note, the OAuth 2.1 spec uses “web clients”.
Comments (4)
-
-
-
assigned issue to
Michael Jones
On the 28-Aug-23 call, we discussed what name to use to describe “web clients” or “browser-based clients”. Browser-based is probably a better name than web. More thoughts are solicited.
-
assigned issue to
-
- changed status to open
To be fixed by https://bitbucket.org/openid/connect/pull-requests/626
-
- changed status to resolved
- Log in to comment
