[Koha-bugs] [Bug 33675] Add CSRF protection to OAuth/OIDC authentication

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33675

Tomás Cohen Arazi <tomascohen at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|rel_23_05_candidate         |
  Text to go in the|                            |This development adds
      release notes|                            |support for the `state`
                   |                            |parameter generation and
                   |                            |delivery when contacting
                   |                            |IdPs. This is an optional
                   |                            |but recommended opaque
                   |                            |value in the OAuth2/OIDC
                   |                            |specs that helps prevent
                   |                            |CSRF attacks, but is also a
                   |                            |requirement on some
                   |                            |Identity Provider
                   |                            |solutions.

-- 
You are receiving this mail because:
You are watching all bug changes.