Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-67528

Use 127.0.0.1 instead of localhost for redirect_uri in QOAuth2AuthorizationCodeFlow

    XMLWordPrintable

    Details

    • Commits:
      c85304484261af2fc046c909087549799a5979f9 (qt/qtnetworkauth/5.12)

      Description

      When I'm using QOAuth2AuthorizationCodeFlow, together with the QOAuthHttpServerReplyHandler, it uses http://localhost:{PORT}/ as the redirect uri. However, in section 8.3 of RFC 8252 (https://tools.ietf.org/html/rfc8252#section-8.3), it is specifically NOT RECOMMENDED to use localhost, but instead to use 127.0.0.1.

      I would say that it is better to follow this by default, but at least make it configurable.

        Attachments

        For Gerrit Dashboard: QTBUG-67528
        # Subject Branch Project Status CR V

          Activity

            People

            • Assignee:
              jefernan Jesus Fernandez
              Reporter:
              jharmannij jharmannij
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Gerrit Reviews

                There are no open Gerrit changes