codimd

History

Samuel Trégouët 6ff6d215ab fix: add state parameter for oauth2 state parameter is recommended with oauth2 authentification to mitigate CSRF attacks (see [1]). hydra [2] will throw the following error message if state is missing: description="The state is missing or has less than 8 characters and is therefore considered too weak" error=invalid_state hint="Request parameter \"state\" must be at least be 8 characters long to ensure sufficient entropy." [1]: https://auth0.com/docs/protocols/oauth2/oauth-state [2]: https://www.ory.sh/hydra/ Signed-off-by: Samuel Trégouët <samuel.tregouet@gmail.com>		2020-05-11 15:59:49 +02:00
..
bitbucket	refactor: remove web folder	2020-01-06 14:19:02 +08:00
dropbox	refactor: remove web folder	2020-01-06 14:19:02 +08:00
email	prevert directly call of User.hashPassword()	2020-04-20 00:04:13 +08:00
facebook	refactor: remove web folder	2020-01-06 14:19:02 +08:00
github	refactor: remove web folder	2020-01-06 14:19:02 +08:00
gitlab	refactor: remove web folder	2020-01-06 14:19:02 +08:00
google	feat: support hostedName in google OAuth 2.0 provider	2020-02-28 17:53:04 +08:00
ldap	refactor: change errorBadRequest function signature to avoid parameter passing error	2020-02-26 11:22:59 +08:00
mattermost	refactor: remove web folder	2020-01-06 14:19:02 +08:00
oauth2	fix: add state parameter for oauth2	2020-05-11 15:59:49 +02:00
openid	refactor: remove web folder	2020-01-06 14:19:02 +08:00
saml	refactor: remove web folder	2020-01-06 14:19:02 +08:00
twitter	refactor: remove web folder	2020-01-06 14:19:02 +08:00
index.js	refactor: remove web folder	2020-01-06 14:19:02 +08:00
utils.js	refactor: remove web folder	2020-01-06 14:19:02 +08:00