My favorites | Sign in
Project Home Wiki Issues Source
READ-ONLY: This project has been archived. For more information see this post.
Search
for
  Advanced search   Search tips   Subscriptions
Issue 132: Update the OAuth implementation per the OAuth 1.0 Revision A specification
3 people starred this issue and may be notified of changes. Back to list
Status:  New
Owner:  ----


 
Project Member Reported by jonasnoc...@gmail.com, Aug 10, 2009
Jaiku's OAuth implementation follows the OAuth 1.0 specification which was deemed to be 
susceptible to a session fixation attack (c.f. http://oauth.net/advisories/2009-1). An update to the 
specification (OAuth 1.0 Revision A: http://oauth.net/core/1.0a) has been issued to address this, 
mainly adding the oauth_verifier parameter.

Powered by Google Project Hosting