# HG changeset patch # User Kim Alvefur # Date 1685641037 -7200 # Node ID efe9e741f2224eeeffaf742d3838dd271489cdde # Parent 7d9dce4e7dd0161b831578b07c32c401dfccb4cc mod_http_oauth2: Correct loopback URL example The s in the scheme should not be there, only unencrypted http to loopback interface is allowed. diff -r 7d9dce4e7dd0 -r efe9e741f222 mod_http_oauth2/README.markdown --- a/mod_http_oauth2/README.markdown Thu Jun 01 18:32:59 2023 +0200 +++ b/mod_http_oauth2/README.markdown Thu Jun 01 19:37:17 2023 +0200 @@ -121,7 +121,7 @@ same hostname part as the `client_uri`. - If `application_type` equals `native` then all `redirect_uris` **MUST** match one of: - - Loopback `http://` URI, e.g. `https://127.0.0.1:8080/` + - Loopback HTTP URI, e.g. `http://127.0.0.1/` or `http://[::1]` - Application-specific scheme, e.g. `com.example.app:/` - The special OOB URI `urn:ietf:wg:oauth:2.0:oob` - Informative URIs such as policy and terms of service **MUST** use