• #dev 2020-01-16
  • Prev
    Next
  • #indieweb
  • #dev
  • #wordpress
  • #meta
  • #stream
  • #microformats
  • #known
  • #events
#dev ≡
  • ←
  • →
2020-01-16 UTC
# 04:11
[dmitshur] so if tilde.club/~bob uses the authorization endpoint evil.com/auth that returns a "me" value of "tilde.club/~alice", then we check and see tilde.club/~alice doesn't have the same authorization endpoint evil.com/auth, so we can't trust bob.