Authentication integration: Difference between revisions
imported>Paulproteus No edit summary |
imported>Paulproteus No edit summary |
Line 18: | Line 18: | ||
* I'm a bit nervous about having splittable cookies. Maybe add an index cookie? (fun link: [http://wiki.laptop.org/go/Canonical_JSON canonical json]) |
* I'm a bit nervous about having splittable cookies. Maybe add an index cookie? (fun link: [http://wiki.laptop.org/go/Canonical_JSON canonical json]) |
||
* I'm a bit nervous about the inter-app dataflow that these cookies represent. How are you going to avoid exposing XSS opportunities in the apps receiving data through these cookies? |
* I'm a bit nervous about the inter-app dataflow that these cookies represent. How are you going to avoid exposing XSS opportunities in the apps receiving data through these cookies? |
||
* Other minor nits: unicode canonicalization, redirect_to abuse & replay |
|||
== Overview == |
== Overview == |
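Review bot: the added bullet ("Other minor nits: unicode canonicalization, redirect_to abuse & replay") lists three unrelated concerns in one line without saying what each applies to, unlike the two bullets before it, which each state the worry and ask a question or propose a fix. Suggest one bullet per item, each naming the cookie or parameter it concerns (for example, whether "replay" refers to the cookies or to the redirect_to parameter), so the design's author can answer them individually. Calling redirect_to abuse and replay "minor nits" also undersells them next to the XSS bullet; consider dropping the "minor" qualifier or explaining why they are lower priority.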