# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1685642565 -7200
# Node ID 209299fd81e190e282e2f3c1e9032fa32da96d6d
# Parent  37621c6e5c089008e865a52e38cdcaf5b9877e16
mod_http_oauth2: Fix messed up section about redirect_uris requirements

diff -r 37621c6e5c08 -r 209299fd81e1 mod_http_oauth2/README.markdown
--- a/mod_http_oauth2/README.markdown	Thu Jun 01 19:55:36 2023 +0200
+++ b/mod_http_oauth2/README.markdown	Thu Jun 01 20:02:45 2023 +0200
@@ -125,10 +125,17 @@
     depending on the value of `application_type`:
 
     `web`
-    :   `redirect_uris` **MUST** match one of: - Loopback HTTP URI,
-        e.g. `http://127.0.0.1/` or `http://[::1]` -
-        Application-specific scheme, e.g. `com.example.app:/` - The
-        special OOB URI `urn:ietf:wg:oauth:2.0:oob`
+    :   `redirect_uris` **MUST** be `https://` URIs and **MUST** use the
+        same hostname part as the `client_uri`.
+
+    `native`
+
+    :   `redirect_uris` **MUST** match one of:
+
+        -   Loopback HTTP URI, e.g. `http://127.0.0.1/` or
+            `http://[::1]`
+        -   Application-specific scheme, e.g. `com.example.app:/`
+        -   The special OOB URI `urn:ietf:wg:oauth:2.0:oob`
 
 `application_type`