Emelia Smith
Emelia Smith
Currently we don't really have a single page that people can check for deprecations or significant changes, mapped by version, in the documentation. Instead all this information is hidden on...
I've been reading through some issues and other specifications, and I'm wondering if it would make sense or be possible for us to define some additional fields for the Client...
At present, the spec simply says what properties must be included in the [Access Token](https://solid.github.io/solid-oidc/#tokens-access) and [ID Token](https://solid.github.io/solid-oidc/#tokens-id), however, it does not specify that you probably shouldn't include more information...
**What is the problem this feature would solve? Please describe.** On our apps services, we use JSON logging (pino) and it'd be really helpful to be able to do `doctl...
This is a very rough first pass, but gives the following UI: And with more than 20 tags:  Implements #29986, without the dynamic autocomplete for now.
Hey Dan! I've been looking through the Pixelfed code and noticed that the validators you have for ActivityPub payloads aren't necessarily correctly being validated in some places. For instance, the...
Currently with this package, one must manually specify the `authorizeUrl` (`authorization_endpoint`), `accessTokenUrl` (`token_endpoint`) and possible the user info URL (`userinfo_endpoint`). [RFC 8414](https://datatracker.ietf.org/doc/html/rfc8414) allows for Authorization Servers to advertise all of...
One of the available endpoints on an OAuth 2, or OIDC, server is the ability to end the users' session and revoke the users' current access token. This is described...
[PKCE or Proof Key for Code Exchange](https://www.rfc-editor.org/info/rfc7636) helps secure OAuth codes during the Authorization Code Grant Flow, this specification was originally written with Public Clients in mind instead of confidential...
@thisismissem on [FediDevs Matrix](https://matrix.to/#/!uHqAjmOtrLtidOiczC:matrix.org/$gP_zRwMROUZuEus-xUCSufdzWvWow-EPeQizWWUn2OQ?via=matrix.org&via=mozilla.org&via=gemeinsam.jetzt): > The number of decentralised projects for javascript runtimes that I see that are susceptible to SSRF attacks through naive usage of `fetch()` are growing significantly...