Hi,
you are right, iframe is not the correct techniquehere. Browsers are
embedded into a native UI using browser widget or something similar. I
think "... embedding a browser into the application's user interface
when requesting end-user authorization ..." would fit better.
regards,
Torsten.
Am 11.11.2011 09:23, schrieb matake@gmail:
Hi all,
I'm now translating OAuth 2.0 Core& Bearer specs into Japanese with my friends.
I have one question on section 10.3 in Core spec.
"To prevent this form of attack, native applications SHOULD use external browsers
instead of embedding browsers in an iframe when requesting end-user authorization."
Here, what do you mean for "in an iframe"?
I thought it means "embedded browser is in an iframe", but I can't imagine it
can be..
Thanks in advance
--
nov matake
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
