top | item 38414379 (no title) marius_k | 2 years ago Using xss one might target login form and steal username/password instead of a token. So I do not see argument here against jwt. Sure the xss will have to be more sofisticated(?) discuss order hn newest aidos|2 years ago I’m not arguing for / against any specific technology. I’m saying that relying on a lack of security flaws in one layer isn’t a great idea.
aidos|2 years ago I’m not arguing for / against any specific technology. I’m saying that relying on a lack of security flaws in one layer isn’t a great idea.
aidos|2 years ago