Closed by cch5ng 5 years ago
go back and skim the OWASP list for things to check
https://github.com/component/escape-html
https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf
few articles on how the token should be saved using cookies (vs localStorage)...
[ ] client input validation
added min email validation to registration
did not modify email and password validation on login
[ ] server input validation
[ ] escaping