You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I need to preserve state after redirecting (eg, using a custom parameter), but it seems the state parameter is currently only used for CSRF token. Is there another way to preserve state?
The text was updated successfully, but these errors were encountered:
I don't believe the state parameter is limited to CSRF token, so you could encode a CSRF token and other state data into the state parameter.
Better, if there's any non-public data in the state that you want to preserve, would be to store it locally associated with the CSRF token and retrieve it after verifying the CSRF token. IIRC I store the CSRF token as a Redis key with the state for the value.
I need to preserve state after redirecting (eg, using a custom parameter), but it seems the state parameter is currently only used for CSRF token. Is there another way to preserve state?
The text was updated successfully, but these errors were encountered: