[Openid-specs-ab] Issue #873: session 4.1. Can we use opbs with http (not httponly) (openid/connect)
issues-reply at bitbucket.org
Tue Sep 17 15:53:51 UTC 2013
New issue 873: session 4.1. Can we use opbs with http (not httponly)
Regarding to the spec on [openid-connect-session-1_0-15.html](http://openid.net/specs/openid-connect-session-1_0-15.html), it says "The OP iframe has access to Browser state at the OP (in a cookie or in HTML5 storage)".
More information about the Openid-specs-ab