[Openid-specs-fapi] Issue #627: Proposed change to invalid redirect url test in all FAPI conformance suites (openid/fapi)
josephheenan
issues-reply at bitbucket.org
Wed Oct 11 23:09:58 UTC 2023
New issue 627: Proposed change to invalid redirect url test in all FAPI conformance suites
https://bitbucket.org/openid/fapi/issues/627/proposed-change-to-invalid-redirect-url
Joseph Heenan:
As per the discussion at [https://bitbucket.org/openid/connect/issues/2045/certification-proposed-change-to-how](https://bitbucket.org/openid/connect/issues/2045/certification-proposed-change-to-how) the certification team propose to change the invalid url test such that we check that urls are the redirect url plus extra characters in the path are rejected as I believe this would detect more incorrect implementations than the current test does \(see url for details\).
Before doing so we should wanted to give the working group a chance to object. We plan to proceed if no objections are received within 2 weeks.
More information about the Openid-specs-fapi
mailing list