|
|
|
|
|
|
by driminicus
1678 days ago
|
|
|
We are actually working on fixing the password sending issue, see for instance https://github.com/matrix-org/matrix-doc/pull/3262 Of course, untrusted clients can do all kinds of evil things after having authenticated. (And also clients still need the plaintext password at least client-side no matter what we do) |
|
|
Are matrix devs seriously not aware of what OAuth is and does? That is ... concerning.