From f444273a4202da2c44416a9352e90dde75507648 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Fri, 13 Nov 2020 12:00:45 +0000
Subject: [PATCH] be stricter on the icon url

---
 proposals/2858-Multiple-SSO-Identity-Providers.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/proposals/2858-Multiple-SSO-Identity-Providers.md b/proposals/2858-Multiple-SSO-Identity-Providers.md
index d7321d36..e3d3059c 100644
--- a/proposals/2858-Multiple-SSO-Identity-Providers.md
+++ b/proposals/2858-Multiple-SSO-Identity-Providers.md
@@ -53,6 +53,7 @@ ALPHA  DIGIT  "-" / "." / "_" / "~"
 The `name` field should be the human readable string intended for printing by the client.
 
 The `icon` field is the only optional field and should point to an icon representing the IdP.
+If present then it must be an HTTPS URL to an image resource of type `image/png` or `image/svg+xml`.
 
 
 A new endpoint would be needed to support redirecting directly to one of the IDPs: