auth

Paddy 2014-08-16 Parent:fb2fd59f9930

16:13568ac73ac3 Go to Latest

auth/info.go

Note the potential for CSRF attacks. Our auth provider probably shouldn't have security vulnerabilities. Add TODOs to ensure that logging in and authorizing a grant are not susceptible to CSRF attacks, or it becomes pretty easy for an attacker to gain access to user data or to gain access to a user account.

Download raw file
View source Diff to previous Annotate
History