Details
-
Change Request
-
Resolution: Persuasive
-
Highest
-
SMART on FHIR (FHIR)
-
2.0.0
-
FHIR Infrastructure
-
STU
-
Overview
-
1.6.1.1
-
-
Gino Canessa/Yunwei Wang: 13-0-0
-
Correction
-
Non-substantive
Description
An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter SHALL be used for preventing cross-site request forgery or session fixation attacks.
It might be clearer to move the state entropy requirements to this table.
This is not a specification element but a purpose. What behavior is required?
Attachments
Issue Links
- is voted on by
-
BALLOT-17328 Negative - Bas van den Heuvel : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17714 Negative - Ana Kostadinovska : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17776 Negative - Ricardo Quintano : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17820 Negative - Timon Grob : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17860 Negative - Chris Melo : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17919 Negative - Javier Espina : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed