oauth2-server-php-docs

Add note regarding CSRF protection to documentation/step-by-step walkthrough

Open bshaffer opened this issue 11 years ago • 0 comments

The /authorize implementation described in the step-by-step walkthrough allows for CSRF, where an attacker would be able to forge a request bypassing the authorization form.

It would be great if a note could be added so that future developers are aware of this. An example implementation would also be incredibly useful.

See https://github.com/bshaffer/oauth2-server-php/issues/270

bshaffer, Dec 17 '13 20:12
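One way to add the protection this issue asks for, as an added example that is not part of the original issue or the project's documentation: the authorize endpoint accepts the user's decision only when the POST carries a per-session token that was issued with the consent form. It assumes a `server.php` that builds `$server` as in the walkthrough and PHP 7+ for `random_bytes()`; the session key `authorize_csrf` and the form field `csrf_token` are hypothetical names.

```php
<?php
// authorize.php: authorize endpoint with a per-session CSRF token (added example).
require_once __DIR__.'/server.php';   // assumed: defines $server as in the walkthrough

session_start();

$request  = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();

// Validate client_id, redirect_uri, response_type, etc. before showing anything.
if (!$server->validateAuthorizeRequest($request, $response)) {
    $response->send();
    die;
}

// One unpredictable token per session, stored server-side only.
if (empty($_SESSION['authorize_csrf'])) {          // hypothetical session key
    $_SESSION['authorize_csrf'] = bin2hex(random_bytes(32));
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    // GET: render the consent form with the token embedded as a hidden field.
    $token = htmlspecialchars($_SESSION['authorize_csrf'], ENT_QUOTES, 'UTF-8');
    exit('
<form method="post">
  <input type="hidden" name="csrf_token" value="'.$token.'">
  <label>Do You Authorize TestClient?</label><br />
  <input type="submit" name="authorized" value="yes">
  <input type="submit" name="authorized" value="no">
</form>');
}

// POST: reject the decision unless it carries the token issued with our form.
$sent = (isset($_POST['csrf_token']) && is_string($_POST['csrf_token']))
    ? $_POST['csrf_token'] : '';
if (!hash_equals($_SESSION['authorize_csrf'], $sent)) {   // constant-time compare
    http_response_code(403);
    exit('Invalid or missing CSRF token');
}
unset($_SESSION['authorize_csrf']);   // single use: a replayed POST fails

// Only an explicit "yes" from the verified form counts as consent.
$is_authorized = isset($_POST['authorized']) && $_POST['authorized'] === 'yes';
$server->handleAuthorizeRequest($request, $response, $is_authorized);
$response->send();
```

The token only helps if the session itself belongs to an authenticated user, so this check belongs after whatever login check the application performs.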