Description metas

2026-01-11 14:30:49 +01:00 · 2023-09-25 18:39:06 +02:00
parent f7dc080eae
commit ec719182c8
3 changed files with 19 additions and 2 deletions
--- a/src/flow/code.html
+++ b/src/flow/code.html
@@ -3,7 +3,13 @@
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>OAuth 2.0 Playground - Authorization Code Flow (1/3)</title>
+    <title>OAuth 2.0 Playground - Authorization Code Flow</title>
+    <meta name="description" content="OAuth 2.0 protocol designed for web applications that can securely store client secrets.
+                                    The application directs users to an authorization server to log in and grant permissions. Upon consent, the server
+                                    issues an authorization code. The application then exchanges this code for an access token in a server-to-server
+                                    request, using its client ID, client secret, and redirection URI. This flow ensures the access token is never directly
+                                    exposed to users, offering enhanced security. It's best suited for server-side web applications with the capability to
+                                    protect the client secret." />
    <link rel="icon" href="../favicon.ico" type="image/x-icon">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
    <link type="text/css" rel="stylesheet" href="../css/style.css" />
--- a/src/flow/pkce.html
+++ b/src/flow/pkce.html
@@ -3,7 +3,13 @@
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>OAuth 2.0 Playground - PKCE Flow (1/4)</title>
+    <title>OAuth 2.0 Playground - PKCE Flow</title>
+    <meta name="description" content="Proof Key for Code Exchange is a security protocol for the OAuth 2.0 authorization framework, designed to prevent
+                                    interception attacks in the authorization code flow. It's especially crucial for mobile or single-page applications
+                                    where storing a client secret securely is challenging. In PKCE, the client creates a dynamic 'code verifier' and its
+                                    transformed 'code challenge.' The server remembers this challenge, and when the authorization code is exchanged for an
+                                    access token, the client provides the original verifier. The server validates it against the stored challenge, ensuring
+                                    added security against malicious interceptions." />
    <link rel="icon" href="../favicon.ico" type="image/x-icon">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
    <link type="text/css" rel="stylesheet" href="../css/style.css" />
--- a/src/index.html
+++ b/src/index.html
@@ -5,6 +5,11 @@
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>OAuth 2.0 Playground</title>
+    <meta name="description" content="This playground serves as an interactive platform designed to familiarize developers and students with the
+                intricacies of OAuth authentication processes. Beyond just theoretical knowledge, this playground provides practical
+                insights into the OAuth token exchange, callback handling, and potential pitfalls or challenges one might face during real-world integrations. The ultimate aim
+                is to bolster understanding and confidence in implementing OAuth, ensuring secure and efficient user authentication and authorization
+                in modern web applications." />
    <link rel="icon" href="favicon.ico" type="image/x-icon">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
    <link type="text/css" rel="stylesheet" href="css/style.css" />