From ca57b001b94c040461d42c2163ca83bb65485eca Mon Sep 17 00:00:00 2001
From: skalkii <127269670+skalkii@users.noreply.github.com>
Date: Fri, 24 Apr 2026 12:55:18 +0530
Subject: [PATCH] docs(test): cross-reference #8897 on cookie-strategy OAuth
 state CSRF test (#9334)

---
 .../src/plugins/generic-oauth/generic-oauth.test.ts            | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/packages/better-auth/src/plugins/generic-oauth/generic-oauth.test.ts b/packages/better-auth/src/plugins/generic-oauth/generic-oauth.test.ts
index 2c5dbb4111..948488a74e 100644
--- a/packages/better-auth/src/plugins/generic-oauth/generic-oauth.test.ts
+++ b/packages/better-auth/src/plugins/generic-oauth/generic-oauth.test.ts
@@ -1040,6 +1040,9 @@ describe("oauth2", async () => {
 		expect(session.data?.user.name).toBe("OAuth2 Cookie State");
 	});
 
+	/**
+	 * @see https://github.com/better-auth/better-auth/issues/8897
+	 */
 	it("should reject cookie-backed OAuth when callback state does not match the issued state", async () => {
 		const { customFetchImpl, cookieSetter } = await getTestInstance({
 			plugins: [