Changeset

5507:209299fd81e1

mod_http_oauth2: Fix messed up section about redirect_uris requirements
author Kim Alvefur <zash@zash.se>
date Thu, 01 Jun 2023 20:02:45 +0200
parents 5506:37621c6e5c08
children 5508:56803acfa638
files mod_http_oauth2/README.markdown
diffstat 1 files changed, 11 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/mod_http_oauth2/README.markdown	Thu Jun 01 19:55:36 2023 +0200
+++ b/mod_http_oauth2/README.markdown	Thu Jun 01 20:02:45 2023 +0200
@@ -125,10 +125,17 @@
     depending on the value of `application_type`:
 
     `web`
-    :   `redirect_uris` **MUST** match one of: - Loopback HTTP URI,
-        e.g. `http://127.0.0.1/` or `http://[::1]` -
-        Application-specific scheme, e.g. `com.example.app:/` - The
-        special OOB URI `urn:ietf:wg:oauth:2.0:oob`
+    :   `redirect_uris` **MUST** be `https://` URIs and **MUST** use the
+        same hostname part as the `client_uri`.
+
+    `native`
+
+    :   `redirect_uris` **MUST** match one of:
+
+        -   Loopback HTTP URI, e.g. `http://127.0.0.1/` or
+            `http://[::1]`
+        -   Application-specific scheme, e.g. `com.example.app:/`
+        -   The special OOB URI `urn:ietf:wg:oauth:2.0:oob`
 
 `application_type`