Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
|
pfohf's comments
login
pfohf
on Dec 14, 2019
|
parent
|
context
[–]
| on:
Ask HN: What's the current sentiment on JWT for st...
Use a proper JOSE module like
https://www.npmjs.com/package/jose
that uses native node's crypto key objects (ergo not leaving you vulnerable to HMAC based validation bypass) and doesn't even implement "none" algorithm.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: