Details

    • Type: Sub-Task
    • Status: Closed
    • Priority: Minor
    • Resolution: Completed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Based on OAUTH2-99.

      Changing authorizeScreenURL field in com.liferay.oauth2.provider.rest.internal.endpoint.authorize.configuration.AuthorizeScreenConfiguration to an URL outside portal might pose security risk. Please ensure "x-frame-options" header is correctly set to prevent Clickjacking attack.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              id30721 id30721
              Reporter:
              tomas.polesovsky Tomáš Polešovský
              Participants of an Issue:
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package