8. Security Considerations

8.1. Protecting the Authorization Code

8.2. OAuth Implicit Grant Authorization Flow

8.3. Loopback Redirect Considerations

8.4. Registration of Native App Clients

8.5. Client Authentication

8.6. Client Impersonation

8.7. Fake External User-Agents

8.8. Malicious External User-Agents

8.9. Cross-App Request Forgery Protections

8.10. Authorization Server Mix-Up Mitigation

8.11. Non-Browser External User-Agents

8.12. Embedded User-Agents