| Issue 132: | Update the OAuth implementation per the OAuth 1.0 Revision A specification | |
| 3 people starred this issue and may be notified of changes. | Back to list |
Jaiku's OAuth implementation follows the OAuth 1.0 specification which was deemed to be susceptible to a session fixation attack (c.f. http://oauth.net/advisories/2009-1). An update to the specification (OAuth 1.0 Revision A: http://oauth.net/core/1.0a) has been issued to address this, mainly adding the oauth_verifier parameter. |