" client's misconfigured token endpoint" is confusing
client's misconfigured token endpoint.
is confusing/ambiguous and should be clarified.
Comments (8)
-
-
It should say something like:
instead of ”… at the client's misconfigured token endpoint”say “… at the token endpoint (which is misconfigured in the client to point to an attacker-controlled URL)”.
-
reporter - changed status to open
Agreed in the call Sep 13.
-
reporter -
assigned issue to
-
assigned issue to
-
reporter -
assigned issue to
-
assigned issue to
-
- changed status to resolved
pr merged
-
Merged in fapi1_errata_624 (pull request #449)
fixes
#624- "client's misconfigured token endpoint" is confusing-
fixes
#624- "client's misconfigured token endpoint" is confusing -
Merged openid/fapi:master into edmundjay/fapi1:fapi1_errata_624
Approved-by: Dave Tonge Approved-by: Brian Campbell Approved-by: Nat Sakimura
→ <<cset b4d82dd41860>>
-
-
Merged in fapi1_errata_624 (pull request #449)
fixes
#624- "client's misconfigured token endpoint" is confusing-
fixes
#624- "client's misconfigured token endpoint" is confusing -
Merged openid/fapi:master into edmundjay/fapi1:fapi1_errata_624
Approved-by: Dave Tonge Approved-by: Brian Campbell Approved-by: Nat Sakimura
→ <<cset b4d82dd41860>>
-
- Log in to comment
The text in question was introduced by PR #429