Open KrishnaPG opened 6 years ago
Storing it in sessionStorage instead of localStorage might be a slightly better idea.
we have a probably related issue here https://github.com/netlify/gotrue-js/pull/37
i think this is a downstream thing and if we merge that we may fix this
@dustincrogers @merlyn-at-netlify - Mind having a look here and validating the finding and creating next steps?
Is there an option that specifies that the entries stored (by netlify widget) in the localStorage should be encrypted (so that users cannot alter the token or related attributes) ?
If not exists, would it make sense to add it as feature? If we are doing client side token validation, then perhaps the data should not be tampered with. (Server side token validations may not need it, perhaps)