mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-25 00:02:41 +01:00
41b9752ba8
Summary: Two behavioral changes: - If the redirect URI for an application is "https", require HTTPS always. - According to my reading of http://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-3.1.2 we need to check both names //and values// for parameters. Add value checking. I think this makes more sense in general? No one uses this, soooo... iiam Test Plan: This has good coverage already; added some tests for the new cases. Reviewers: vrana Reviewed By: vrana CC: cbg, aran, btrahan Differential Revision: https://secure.phabricator.com/D5022 |
||
---|---|---|
.. | ||
PhabricatorOAuthServerTestCase.php |