-
spin-off from https://github.com/OWASP/ASVS/issues/1925 "proposal 4"
From @TobiasAhnoff
> 4 Verify that only access-tokens are used for authorization by the RS (not id-tokens or other kinds of t…
-
Would it possible to modify the SignOut method in Microsoft.Identity.Web.UI - AccountController.cs to invalidate the user's access token on the server?
My app using Microsoft.Identity.Web.UI 1.16.0…
-
Hi, I'm coming from https://github.com/argoproj/argo-cd/issues/455
# Summary
Implement refresh tokens in ArgoCD Web UI.
# Motivation
For security reasons, all access tokens are short-livin…
-
Hello.
I would like to start implementing a plugin to detect CVE-2024-28255,This vulnerability should be relatively new and has been patched.
https://nvd.nist.gov/vuln/detail/CVE-2024-28255
https://…
uuuj4 updated
10 hours ago
-
The oauth/tokens endpoint is already deprecated for removal due to security concerns. The path forward is described in [this doc](https://docs.google.com/document/d/1Xi5MRk8WdBWFC3N_eSmVcrLhk3yu5nJ9x_…
-
We should explore incorporating a mechanism to automatically redact sensitive fields when users log data. If users input information such as tokens, API keys, passwords, or similar sensitive data, we …
-
# Implement NUT-05: Melting Tokens
## Issue Description
We need to implement the melting operation as described in NUT-05 of the Cashu protocol. This operation allows users to spend their tokens…
-
### Enviroment
- Operating System: Darwin
- Node Version: v20.5.0
- Nuxt Version: 3.11.1
- CLI Version: 3.11.1
- Package Manager: pnpm@8.14.1
- User Config: devtools, modules,…
-
### Description of the bug
Even with the latest version 2.8.1 I get continuous "Missing or invalid security token" errors in the Prusa Connect tab.
This issue is similar but not exactly the same…
-
Hi Dan,
I am also starting to learn JTE after watching some of your video's, thanks for those!
After watching the latest one, I think you can improve a bit how you handle the CSRF tokens to make…