Even if short-lived and have no write permissions, this pattern is prone to security vulnerabilities. We should store those personal shouts JWTs in the server-side PHP session somehow !
https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0
Even if short-lived and have no write permissions, this pattern is prone to security vulnerabilities. We should store those personal shouts
JWTs in the server-side PHP session somehow !https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0