AS shall require that redirect URIs use the https scheme
Issue #402
resolved
FAPI 2 Baseline requires https redirect urls, this precludes custom schemes and redirects to the loopback device via http.
It seems like this was copied from FAPI 1.
Comments (6)
-
-
- changed status to open
-
-
assigned issue to
-
assigned issue to
-
- changed status to resolved
Proposal to fix Issue
#402→ <<cset 01f077219385>>
-
Merged in danielfett/fapi2/http-redirect-uris (pull request #265)
Proposal to fix Issue
#402Approved-by: Dave Tonge Approved-by: Brian Campbell Approved-by: Joseph Heenan Approved-by: Torsten Lodderstedt
→ <<cset 45e5a135fd93>>
-
- changed component to FAPI2: Security Profile
- Log in to comment
Wording from the security bcp: