Skip to content

Commit 6aaab8e

Browse files
masv3971masv3971
committed
Same prevention to send null bytes and what not.
1 parent aac8e4a commit 6aaab8e

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

pkg/openid4vci/token.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ type TokenRequest struct {
1919
GrantType string `form:"grant_type" json:"grant_type" validate:"required,oneof=authorization_code"`
2020

2121
// Code REQUIRED. The authorization code received from the authorization server.
22-
Code string `form:"code" json:"code" validate:"required"`
22+
Code string `form:"code" json:"code" validate:"required,max=128,printascii"`
2323

2424
// RedirectURI REQUIRED, if the "redirect_uri" parameter was included in the authorization request as described in Section 4.1.1, and their values MUST be identical.
2525
RedirectURI string `form:"redirect_uri" json:"redirect_uri" validate:"required"`

0 commit comments

Comments
 (0)