[openstreetmap/openstreetmap-website] OAuth flow should show more information about the application requesting rights (Issue #4217)
Pieter Vander Vennet
notifications at github.com
Fri Sep 1 21:29:53 UTC 2023
That is precisely what I mean.
About https://github.com/openstreetmap/openstreetmap-website/pull/3177#issuecomment-840490033
where Tomhughes writes:
> I don't the OSM username of the person that created the application tells you much though - if you do that for iD or Potlatch then I think it points at me (tomhughes) for example!
I did register an account named `MapComplete` which is the 'owner' of the MapComplete client registration.
>From a security perspective, one can still register the user names `mapcomplete`, `mapComplete` or `Mapcomplete` (different casing) - not to mention `MapComplеte` (with a cyrillic `е` instead of an `e`).
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/4217#issuecomment-1703337778
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/4217/1703337778 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20230901/1590f7e4/attachment.htm>
More information about the rails-dev
mailing list