Open AstRonin opened 9 months ago
Hi all,
JWT has a security issue with sidejacking.
https://cheatsheetseries.owasp.org/cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html#token-sidejacking
OWASP suggests adding a fingerprint to cookies to prevent the use of a stolen token.
Do we have any ideas on how we can implement this suggestion?
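
One way to implement the fingerprint check the OWASP cheat sheet describes, as an added example that is not part of the original post or this project's code. It assumes an HS256 token built with the Python standard library; `issue`, `verify`, the cookie name `__Secure-Fgp` and the claim name `userFingerprint` are illustrative choices that follow the cheat sheet's naming.

```python
import base64, hashlib, hmac, json, secrets, time

COOKIE_NAME = "__Secure-Fgp"   # assumed name, mirrors the OWASP cheat sheet
CLAIM = "userFingerprint"      # assumed claim name, same source

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(key: bytes, signing_input: str) -> str:
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256)
    return _b64(mac.digest())

def _hash(fingerprint: str) -> str:
    return hashlib.sha256(fingerprint.encode()).hexdigest()

def issue(key: bytes, subject: str, ttl: int = 900):
    """Return (token, Set-Cookie value) for a new session."""
    fingerprint = secrets.token_hex(32)  # raw value lives only in the cookie
    claims = {"sub": subject, "exp": int(time.time()) + ttl,
              CLAIM: _hash(fingerprint)}  # token carries only the hash
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    token = f"{head}.{body}.{_sign(key, head + '.' + body)}"
    cookie = (f"{COOKIE_NAME}={fingerprint}; Secure; HttpOnly; "
              f"SameSite=Strict; Path=/; Max-Age={ttl}")
    return token, cookie

def verify(key: bytes, token: str, cookie_fingerprint):
    """Return the claims if signature, expiry and fingerprint hold, else None."""
    try:
        head, body, sig = token.split(".")
        # Always HMAC-SHA256: the header's alg field is never trusted.
        if not hmac.compare_digest(sig, _sign(key, f"{head}.{body}")):
            return None
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return None
    if claims.get("exp", 0) < time.time() or not cookie_fingerprint:
        return None
    # A token replayed without the matching cookie fails here.
    if not hmac.compare_digest(_hash(cookie_fingerprint), str(claims.get(CLAIM))):
        return None
    return claims
```

Because the cookie is `HttpOnly`, script that can read the token from client-side storage cannot read the fingerprint, so the token alone is rejected by `verify`.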