Closed rtoal closed 10 years ago
Auth tokens in query parameters are completely insecure. Hide them in a header. Make sure you find a good native-Go or reputable 3rd party library for token management or general-purpose authentication rather than trying to roll your own.
Sessionids are now expected in the header in routes that require authentication 745c2c5
Sessionid
Auth tokens in query parameters are completely insecure. Hide them in a header. Make sure you find a good native-Go or reputable 3rd party library for token management or general-purpose authentication rather than trying to roll your own.