Re: Re: Rest API v.2 developer credentials
Aldevinas Katkus
10-17-17
Thanks for the answer. One more question:
is there any CSRF protection implemented in the Rest API?
The CSRF (Cross Site Request Forgery) problem with OAuth is described here https://security.stackexchange.com/a/57886
It looks like the 'state' param is not sent back to the redirect_url. Quote
"The authorization code is issued and sent back to the client in your session along with the state parameter"
I was testing OAuth with this http://oauth2-client.thephpleague.com/usage/
Reply
Leave Comment
You can subscribe to notifications for this post by selecting the 'star' icon on the top right corner of the post.
Latest Posts
Re: Technics>>Settings>>Services Cache
Bror-Erik Kotiranta
Clients have their own cache, and then the server has the shared cache, if you want it kind of black and white. Presense should be there as far as i know...
10:55 7 July 2025
Re: Holding wrong DV
Yavuz Yigiterhan
Hello Paul, That is something only HansaWorld can do. But that would help to understand is that causing the problem and - if so - we fix the issue. Additional information is appreciated. Yavuz...
10:45 7 July 2025