Open standards for redirection may be open to abuse

05/9/2014 | Programmable Web

Risks posed by the redirect parameter of OpenID and OAuth 2.0 may allow attackers to obtain user data due to a security flaw. The two open standards allow users to log into a website using credentials from another site, but this ability must be secured to avoid the creation of an "open redirector" that can be used to take the user to an attacker's location, writes Patricio Robles.

View Full Article in:

Programmable Web

Published in Brief:

SmartBrief Job Listings for Media

Job Title Company Location
Full(ish) Stack Engineer (PHP)
Advertising Age
New York, NY
Senior Sales Manager
OnProcess Technology
Affiliate Solutions Consultant
Conversant
Santa Barbara, CA
Ad Operations Manager, The Atlantic
Atlantic Media
Washington, DC
Associate Director of Ad Operations
Opera Mediaworks
New York, NY