iamcosmin
commented
2 years ago It is VERY important that you have HTTP Strict Forward Secrecy enabled and the proper headers applied to your responses or you could be subject to a javascript hijack.
Please see:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security https://www.netsparker.com/blog/web-security/http-security-headers/
https://pub.dev/packages/flutter_secure_storage