Re: Re: Rest API v.2 developer credentials
Aldevinas Katkus
10-17-17
Thanks for the answer. One more question:
is there any CSRF protection implemented in the Rest API?
The CSRF (Cross Site Request Forgery) problem with OAuth is described here https://security.stackexchange.com/a/57886
It looks like the 'state' param is not sent back to the redirect_url. Quote
"The authorization code is issued and sent back to the client in your session along with the state parameter"
I was testing OAuth with this http://oauth2-client.thephpleague.com/usage/
Reply
Leave Comment
You can subscribe to notifications for this post by selecting the 'star' icon on the top right corner of the post.
Latest Posts
BackgroundHALShouldPause HAL primitive
Paul Timms
I would like to know what BackgroundHALShouldPause does, and how to use it. While it's listed in the HAL Primitives report, it is not used in source code and it doesn't appear in the LMS HAL...
18:15 30 Jan 2026
Re: Use External Mail Software
Bror-Erik Kotiranta
Please create a bugreport on the problems...
10:38 26 Jan 2026