2017-12-05 UTC
aaronpk oh yeah, one more option. since what we're trying to do here is prevent specific attacks involving tricky redirect URLs, if the scheme/domain/port of the client_id match the redirect_uri then there wouldn't be any surprises. so I *think* we can bypass the redirect_uri lookup altogether if those match
