[openstreetmap/openstreetmap-website] Allow HTTP to localhost on list of redirect URIs for OAuth2 applications (Issue #3613)
Paul Norman
notifications at github.com
Sun Jul 24 21:44:28 UTC 2022
Browsers can treat [localhost as secure](https://www.w3.org/TR/secure-contexts/#localhost) only if they [force localhost to resolve to a loopback address](https://datatracker.ietf.org/doc/html/draft-west-let-localhost-be-localhost).
So there's no guarantee it will be secure, although in practice I believe it is for all currently used browsers.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3613#issuecomment-1193399513
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/3613/1193399513 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20220724/f8df9b69/attachment-0001.htm>
More information about the rails-dev
mailing list