Skip to content
Permalink
Browse files

Add missing ampersand in AuthN redirect

  • Loading branch information...
jamietanna committed Oct 13, 2018
1 parent 4e71dd9 commit ffaf128e01712ca38f3a7dd412749c2bf2f1c99a
Showing with 1 addition and 1 deletion.
  1. +1 −1 public/source/index.php
@@ -440,7 +440,7 @@

<pre class="example nohighlight"><?= htmlspecialchars(
'HTTP/1.1 302 Found
Location: https://app.example.com/redirect?code=xxxxxxxx
Location: https://app.example.com/redirect?code=xxxxxxxx&
state=1234567890') ?></pre>

<p>Upon the redirect back to the client, the client MUST verify that the state parameter in the request is valid and matches the state parameter that it initially created, in order to prevent CSRF attacks. The state value can also store session information to enable development of clients that cannot store data themselves.</p>

0 comments on commit ffaf128

Please sign in to comment.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.