The state is limited to 128 characters but server errors when exceeded
Opened this issue · 0 comments
SpraxDev commented
Describe the bug
Just received an error log about SQL errors happening in production and it seems like somebody is trying to use an JWT token as state.
So this is report is actually two bugs:
- Exceeding the limit causes an server-side error returning an HTTP status code 500
- The limit should probably be greater than 128 characters as JWT is a valid use case
Screenshots, Videos, Logs or Errors
Yeah in the error log file, not posting a users redirect URL etc. :p