Skip to content

G
gitlab-ce
Commit 51fcea7a authored by Achilleas Pipinellis's avatar Achilleas Pipinellis
Browse files
Options

Merge branch 'fix-csfr-typo-in-doc' into 'master' 

Fix typo `CSFR` -> `CSRF` in the OAuth2 doc



See merge request !6538
parents 9d302b8d 4977a167
Show whitespace changes
Inline Side-by-side
Showing with 8 additions and 8 deletions
doc/api/oauth2.md
View file @ 51fcea7a
...@@ -48,7 +48,7 @@ You should then use the `code` to request an access token. ...@@ -48,7 +48,7 @@ You should then use the `code` to request an access token.
>**Important:** >**Important:**
It is highly recommended that you send a `state` value with the request to `/oauth/authorize` and It is highly recommended that you send a `state` value with the request to `/oauth/authorize` and
validate that value is returned and matches in the redirect request. validate that value is returned and matches in the redirect request.
This is important to prevent [CSFR attacks](http://www.oauthsecurity.com/#user-content-authorization-code-flow), This is important to prevent [CSRF attacks](http://www.oauthsecurity.com/#user-content-authorization-code-flow),
`state` really should have been a requirement in the standard! `state` really should have been a requirement in the standard!
### 3. Requesting the access token ### 3. Requesting the access token
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7