Skip to content

Commit

Permalink
typo
Browse files Browse the repository at this point in the history
  • Loading branch information
@aaronpk
aaronpk committed Jul 21, 2022
1 parent 103146d commit 676cbfb
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion draft-ietf-oauth-v2-1.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -777,7 +777,7 @@ context, CSRF refers to requests to the redirection endpoint that do
not originate at the authorization server, but a malicious third party
(see Section 4.4.1.8. of {{RFC6819}} for details). Clients that have
ensured that the authorization server supports the `code_challenge` parameter MAY
rely the CSRF protection provided by that mechanism. In OpenID Connect flows,
rely on the CSRF protection provided by that mechanism. In OpenID Connect flows,
validating the `nonce` parameter provides CSRF protection. Otherwise, one-time
use CSRF tokens carried in the `state` parameter that are securely
bound to the user agent MUST be used for CSRF protection (see
Expand Down

0 comments on commit 676cbfb

Please sign in to comment.