comparison mod_auth_ha1/mod_auth_ha1.lua @ 5407:149634647b48

mod_http_oauth2: Don't issue client_secret when not using authentication This is pretty much only for implicit flow, which is considered insecure anyway, so this is of limited value. If we delete all the implicit flow code, this could be reverted.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:39:32 +0200
parents 31c4d92a81e5
children
comparison
equal deleted inserted replaced
5406:b86d80e21c60 5407:149634647b48