Add redirect URI validation that allowlists vikunja-* custom protocol schemes, rejecting http/https and dangerous schemes like javascript:. Add PKCE S256 verification following RFC 7636. |
||
|---|---|---|
| .. | ||
| ldap | ||
| oauth2server | ||
| openid | ||
| auth.go | ||
Add redirect URI validation that allowlists vikunja-* custom protocol schemes, rejecting http/https and dangerous schemes like javascript:. Add PKCE S256 verification following RFC 7636. |
||
|---|---|---|
| .. | ||
| ldap | ||
| oauth2server | ||
| openid | ||
| auth.go | ||