docs: Clarify third party apps NOT use embedded view (#8322)

# Which Problems Are Solved The text appears to contradict the statement in the page on oauth.net. # How the Problems Are Solved The text has been updated to reflect the statement in the page on oauth.net. # Additional Changes None # Additional Context The page [OAUTH2.0 for mobile and native apps](https://oauth.net/2/native-apps/) linked just above the text that was changed states: > It describes things like not allowing the third-party application to open an embedded web view which is more susceptible to phishing attacks, as well as platform-specific recommendations on how to do so. Co-authored-by: Max Peintner <max@caos.ch>
2024-11-22 00:39:36 +00:00 · 2024-08-06 03:22:57 -04:00 · 2024-08-06 03:22:57 -04:00 · 0f6003f9a1
commit 0f6003f9a1
parent 31ecbe04ec
1 changed files with 2 additions and 2 deletions
--- a/docs/docs/examples/login/flutter.md
+++ b/docs/docs/examples/login/flutter.md
@ -65,8 +65,8 @@ The [RFC 8252 specification](https://tools.ietf.org/html/rfc8252) defines how
 Basically, there are two major points in this specification:

 1. It recommends to use [PKCE](https://oauth.net/2/pkce/)
-2. It does not allow third party apps to open the browser for the login process,
-   the app must open the login page within the embedded browser view
+2. It does not allow third party apps to use an embedded web view for the login process,
+   the app must open the login page within the default browser

 First install [http](https://pub.dev/packages/http) a library for making HTTP calls,
 then [`flutter_web_auth_2`](https://pub.dev/packages/flutter_web_auth_2) and a secure storage to store the auth / refresh tokens [flutter_secure_storage](https://pub.dev/packages/flutter_secure_storage).