summaryrefslogtreecommitdiff
path: root/lib/web/auth/gitlab/index.js
diff options
context:
space:
mode:
authorDexter Chua2020-06-16 16:45:23 +0800
committerhaslersn2020-10-22 22:50:34 +0200
commita88b4aff2a904cd2351002784817d54120766ad8 (patch)
tree79a0f424d59f9f4982b662f005b6596743bb5e66 /lib/web/auth/gitlab/index.js
parenta160d81fe33044ca8fbb71addd77c40d55b37251 (diff)
Generic OAuth2: Set state: true
The OAuth2 specification RECOMMENDS setting the state to protect against CSRF attacks. Some OAuth2 providers (e.g. ORY Hydra) refuse to authenticate without the state set. This is a cherry-pick of 852868419dc03d5dec79e75a3d7692ab670c927f. Signed-off-by: haslersn <sebastian.hasler@gmx.net>
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions