roland/qsjs (#990)

RolandGuijt · roland · web-flow · commit 73a7d1c84e56 · 2026-01-19T18:24:11.000+01:00
* Correct BFF qs code for BFF v4, add warnings around SPAs without a backend.

* Fix broken links in js-without-backend.md

---------

Co-authored-by: roland &lt;roland@duendesoftware.com&gt;
diff --git a/src/content/docs/identityserver/quickstarts/javascript-clients/js-without-backend.md b/src/content/docs/identityserver/quickstarts/javascript-clients/js-without-backend.md
@@ -26,9 +26,9 @@ Connect/OAuth protocol interactions occur from the JavaScript code running in
 the browser. Also, invoking the API will be performed directly from the
 JavaScript in the browser.
 
-**This design has security concerns. It is no longer recommended.** See [overview](index.md) 
+**This design has security concerns. It is no longer recommended.** See [overview](/identityserver/quickstarts/javascript-clients/index.md) 
 for details.
-The current best practice uses the [BFF pattern](js-with-backend.mdx).
+The current best practice uses the ["BFF" pattern](/identityserver/quickstarts/javascript-clients/js-with-backend.mdx).
 
 In this quickstart the user will log in to IdentityServer, invoke an API with an
 access token issued by IdentityServer, and logout of IdentityServer. All of this
