Hacker News new | past | comments | ask | show | jobs | submit | pfohf's comments login

Use a proper JOSE module like https://www.npmjs.com/package/jose that uses native node's crypto key objects (ergo not leaving you vulnerable to HMAC based validation bypass) and doesn't even implement "none" algorithm.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: