Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
51fcea7a
Commit
51fcea7a
authored
Sep 28, 2016
by
Achilleas Pipinellis
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'fix-csfr-typo-in-doc' into 'master'
Fix typo `CSFR` -> `CSRF` in the OAuth2 doc See merge request !6538
parents
9d302b8d
4977a167
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
8 additions
and
8 deletions
+8
-8
doc/api/oauth2.md
doc/api/oauth2.md
+8
-8
No files found.
doc/api/oauth2.md
View file @
51fcea7a
...
...
@@ -48,7 +48,7 @@ You should then use the `code` to request an access token.
>**Important:**
It is highly recommended that you send a
`state`
value with the request to
`/oauth/authorize`
and
validate that value is returned and matches in the redirect request.
This is important to prevent
[
CS
FR attacks
](
http://www.oauthsecurity.com/#user-content-authorization-code-flow
)
,
This is important to prevent
[
CS
RF attacks
](
http://www.oauthsecurity.com/#user-content-authorization-code-flow
)
,
`state`
really should have been a requirement in the standard!
### 3. Requesting the access token
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
