Specify wildcharacters in re-direct URI

can we specify whilecharacters like * in while setting them in re-direct URI

localhost:3000/ui/* => if I set this URL

can we access localhost:3000/ui/2345 will it pass cors for this url.

Thank you.

Hi @maroom

Unfortunately, adding wildcards to redirect URIs is not possible due to possible security risks that might occur when the user accesses a different URL than the one he originally wanted.

2.1. Protecting redirect-based flows

Authorization servers shall utilize exact matching of client redirect URIs against pre-registered URIs. This measure contributes to the prevention of leakage of authorization codes and access tokens (depending on the grant type). It also helps to detect mix-up attacks.

Clients shall avoid any redirects or forwards which can be parameterized by URI query parameters, in order to provide a further layer of defence against token leakage. If there is a need for this kind of redirects, clients are advised to implement appropriate countermeasures against open redirection, e.g., as described by OWASP

https://tools.ietf.org/id/draft-ietf-oauth-security-topics-06.html

1 Like