Stream: smart
Topic: Valid launch URL
Jenni Syed (Oct 21 2020 at 16:29):
I'm not seeing anything specific in the spec, but what all is valid in the launch url for SMART? EG, in OAuth 2, they call out very specifically what a redirect can have/how it must be formatted: https://tools.ietf.org/html/rfc6749#section-3.1.2
Jenni Syed (Oct 21 2020 at 16:30):
The only like I can find in SMART is that it must be absolute (would be nice to reference a definition of that)... am I missing it? If so, I can log an issue
Jenni Syed (Oct 21 2020 at 16:30):
I assume we wouldn't want fragments... I'm curious about query string
Josh Mandel (Oct 21 2020 at 17:24):
Agree we don't/shouldn't expect fragments here. Query strings I believe I've seen, and the recommenations at https://tools.ietf.org/html/rfc6749#section-3.1.2 to "retained when adding additional query parameters" seem spot-on. This is something we can take up in our Argonaut calls if you want to submit a PR ;-)
Jenni Syed (Oct 21 2020 at 17:40):
I can @Josh Mandel :) That brings up another question. Will these types of changes make it into an errata release? SMART 2.0 is breaking, but some of these are more errata clarifications that don't break the existing spec or make changes to them
Josh Mandel (Oct 21 2020 at 18:09):
My leaning would be not to go back and make these kinds of clarifications in an errata release, but if there are things for example that are falling into certification testing and causing problems for that reason, it could be worthwhile.
Josh Mandel (Oct 21 2020 at 18:09):
I would say let's try to get the guidance in shape for a 2.0 and decide if there are specific clarifications that we feel are important to bring backwards.
Last updated: Apr 12 2022 at 19:14 UTC
