mirror of
https://github.com/status-im/codimd.git
synced 2025-01-12 14:44:14 +00:00
6ff6d215ab
state parameter is recommended with oauth2 authentification to mitigate CSRF attacks (see [1]). hydra [2] will throw the following error message if state is missing: description="The state is missing or has less than 8 characters and is therefore considered too weak" error=invalid_state hint="Request parameter \"state\" must be at least be 8 characters long to ensure sufficient entropy." [1]: https://auth0.com/docs/protocols/oauth2/oauth-state [2]: https://www.ory.sh/hydra/ Signed-off-by: Samuel Trégouët <samuel.tregouet@gmail.com>