[Openid-specs-ab] post_logout_redirect_uri

John Bradley ve7jtb at ve7jtb.com
Thu Nov 15 01:10:23 UTC 2018


I think it may be reasonable to allow a fragment in the post logout 
redirect.   Some people will want to redirect back to a Single Page 
App.   I need to think about it.

On 11/14/2018 8:35 PM, Mike Jones via Openid-specs-ab wrote:
> I agree that this should follow the same pattern as the redirect_uri - https, path permitted, query parameters permitted and preserved, fragment not permitted.
>   
> Filip Skokan also pointed out that there is likewise no description of the syntax of initiate_login_uri.  My sense is that should also be the same.
>
> Other's thoughts?
>
> 				-- Mike
>
> -----Original Message-----
> From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Roland Hedberg via Openid-specs-ab
> Sent: Wednesday, November 14, 2018 7:14 AM
> To: <openid-specs-ab at lists.openid.net> <openid-specs-ab at lists.openid.net>
> Cc: Roland Hedberg <roland at catalogix.se>
> Subject: [Openid-specs-ab] post_logout_redirect_uri
>
> Hi!
>
> post_logout_redirect_uri are defined in https://openid.net/specs/openid-connect-session-1_0.html
> and refreed to in https://openid.net/specs/openid-connect-frontchannel-1_0.html.
>
> In neither of these documents are there any specification of what a post_logout_redirect_uri is allowed to look like.
>
> backchannel_logout_uri in https://openid.net/specs/openid-connect-backchannel-1_0.html is defined as:
>
> ”The back-channel logout URI MUST be an absolute URI as defined by Section 4.3 of [RFC3986].
> The back-channel logout URI MAY include an application/x-www-form-urlencoded formatted query component, per Section 3.4 of [RFC3986], which MUST be retained when adding additional query parameters.
> The back-channel logout URI MUST NOT include a fragment component.”
>
> The same goes for frontchannel_logout_uri in https://openid.net/specs/openid-connect-frontchannel-1_0.html
>
> I would expect the same rule to apply to post_logout_redirect_uri.
>
> -- Roland
> "Education is the path from cocky ignorance to miserable uncertainty.” - Mark Twain
>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab


More information about the Openid-specs-ab mailing list