API authentication should not be the same as the forms #46

Open
opened 2021-06-16 19:51:54 +02:00 by Sceptique · 0 comments
Owner

Usual form need CRLF to avoid reuse, but JSON API should not need it. We must then avoid using cookies as a authentication method for JSON API

Usual form need CRLF to avoid reuse, but JSON API should not need it. We must then avoid using cookies as a authentication method for JSON API
Sceptique added this to the To sort project 2021-06-16 19:51:58 +02:00
Sceptique added the
security
label 2021-06-18 21:51:57 +02:00
Sceptique added this to the v3.0.alpha (-A better world-) milestone 2021-06-28 19:39:51 +02:00
Sceptique modified the project from To sort to Current Sprint (v3.0 alpha open) 2021-06-28 21:56:45 +02:00
Sign in to join this conversation.
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Sceptique/LifePex#46
No description provided.