-
### Describe the bug
Invalid token is generated for USGov environment.
### Expected behavior
Performing the operation "Clear-MgSecurityCaseEdiscoveryCaseSearchData_PurgeExpanded" without error.…
-
Currently, we use an `ARG GITHUB_TOKEN` in the Dockerfile for cameo and cameo-solvers. **This is insecure and can expose your token!**
In order to demonstrate:
```
docker pull biosustain/cameo-so…
-
When this error occurs in the client browser:
`The form security failed because of a token mismatch. Please reload the form and check that your cookies are on`
Part of the error message could the fo…
-
Tokens are currently stored in plain-text on disk. Anyone who gains access to the token can authenticate as the user.
Investigate ways of shoring up this problem.
-
### 🌟 GitHub Issue: Enhanced Dashboard, Profile, and Role-Based Features
#### 🚀 **Overview**
This issue details planned upgrades to improve the user interface, add role-based functionalities, and…
-
Hi, I have a problem with security token. I tried almost everything that I could find, but nothing helps.
A have a site "http://demo.dreamind.cz/". But my web hosting, has a weird folder structure,…
-
Over the last 2 weeks, if I tried to use the EMP Connector, it continually failed to log in to my developer org. it seems that when a security token is added to the password in the DevLoginExample jav…
-
The actual API doesn't include a safety mechanism that prevents someone to use an old - yet still valid - intercepted refresh token.
One solution could be a iat comparison with the accessToken.
If…
-
docs: https://inertia-rails.dev/guide/csrf-protection
reference: https://guides.rubyonrails.org/security.html#csrf-countermeasures
here is the video showing X-XSRF-TOKEN doesn't work but X-CSRF-…
-
I think a good idea would be to add security token auth for some webhooks..