Re: Re: Rest API v.2 developer credentials
Aldevinas Katkus
10-17-17
Thanks for the answer. One more question:
is there any CSRF protection implemented in the Rest API?
The CSRF (Cross Site Request Forgery) problem with OAuth is described here https://security.stackexchange.com/a/57886
It looks like the 'state' param is not sent back to the redirect_url. Quote
"The authorization code is issued and sent back to the client in your session along with the state parameter"
I was testing OAuth with this http://oauth2-client.thephpleague.com/usage/
Reply
Leave Comment
You can subscribe to notifications for this post by selecting the 'star' icon on the top right corner of the post.
Latest Posts
Re: Order Classes and automatic Activities for Service Orders
Carolina Valentino
are the activity set as Hansamanuals said? https://www.hansamanuals.com/main/mailnumber___62526/theconf___231/manuals/version___20250224/langcode___es/hwconvindex.htm?shortcode=HW0301SETTINGS_Order...
17:20 4 Apr 2025
SendAsyncWebRequest vs SendWebRequest
Paul Timms
SendWebRequest3 is a boolean function, so if this returns true and the reply header has an accepted status, you can assume that the data was sent successfully and perform some actions on the record th...
11:12 4 Apr 2025