blueauth redirection is set on client. can it be protected so redirection comes from the server side ?

redirection is set on client. can it be protected so redirection comes from the server side ?

Open danielbenedykt opened this issue 2 years ago • 0 comments

I am using blueauth in a project and it was pointed out that redirection can be changed by injecting js or in the client, so after login redirection can be manipulated. is there a way to protect against that or that the redirect url comes from the server ?

Oct 17 '22 11:10 danielbenedykt

blueauth blueauth copied to clipboard

redirection is set on client. can it be protected so redirection comes from the server side ?

blueauth
blueauth copied to clipboard