Skip to content

Commit

Permalink
update ChangeLog
Browse files Browse the repository at this point in the history 
Signed-off-by: Hans Zandbelt <[email protected]>
  • Loading branch information
@zandbelt
zandbelt committed Oct 31, 2023
1 parent c5a72a6 commit cf4b650
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions ChangeLog
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@
- remove obsolete support for Token Binding https://www.rfc-editor.org/rfc/rfc8471.html (id_token, access_token, session cookie)
- use only the User-Agent header as input for the state browser fingerprinting by default (no X-Forwarded-For)
as cloud environments increasingly use dynamic proxy IPs in front
- use PKCE S256 by default
- use PKCE S256 by default; disable by configuring "OIDCPKCEMethod none"

10/30/2023
- do not apply logout_on_error and authenticate_on_error when a parallel refresh token request is detected
see https://github.com/OpenIDC/mod_auth_openidc/discussions/1132; thanks @esunke
Expand Down

0 comments on commit cf4b650

Please sign in to comment.