author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-23 03:09:21 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-23 03:09:21 +0000 |
commit | 5b51129e3356a12283f0ba2da15db897ee30cf1a (patch) | |
tree | 81aab0c51c265782c093da49f089908761d5426d /doc/api/oauth2.md | |
parent | 71da67f3262eeffe59cc228986e0a2bb97b6dba5 (diff) | |
download | gitlab-ce-5b51129e3356a12283f0ba2da15db897ee30cf1a.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/api/oauth2.md')
-rw-r--r-- | doc/api/oauth2.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md index e84f3509dcf..1cbff10b122 100644 --- a/doc/api/oauth2.md +++ b/doc/api/oauth2.md @@ -32,7 +32,7 @@ CAUTION: **Important:** OAuth specification advises sending the `state` parameter with each request to `/oauth/authorize`. We highly recommended sending a unique value with each request and validate it against the one in the redirect request. This is important in -order to prevent [CSRF attacks](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)). +order to prevent [CSRF attacks](https://wiki.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)). The `state` parameter really should have been a requirement in the standard! In the following sections you will find detailed instructions on how to obtain |
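Review bot: the unchanged context right above the edited link reads "We highly recommended sending a unique value with each request and validate it against the one in the redirect request", which is ungrammatical and understates the requirement; since this paragraph is being touched anyway, consider "We highly recommend sending a unique, unguessable value with each request and validating it against the one in the redirect request". "Unique" alone is not enough for CSRF protection: the `state` value has to be unpredictable and tied to the user's session, otherwise the comparison in the redirect step proves nothing. On the changed line itself, only the host moves from `www.owasp.org` to `wiki.owasp.org` while the `index.php/Cross-Site_Request_Forgery_(CSRF)` path stays the same, so it is worth confirming that the wiki host is the intended long-term target for this link rather than a stopgap for a broken one.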