DEV Community

loading...

Discussion on: The Ultimate Guide to JWT client side auth (Stop using local storage!!!)

cyberhck profile image
Nishchal Gautam

also this:

Google will join Safari and Firefox in blocking third-party cookies in its Chrome web browser. However, unlike those browsers (which have already started blocking them by default),

Thread Thread
daniguardiola profile image
Dani Guardiola_

This post is misinformed. The only thing that had to change about the situation is to stop being vulnerable to XSS. As long as there's a token, it can be stolen, no matter how many steps it takes from having the token to using it to access the account. Making those tokens short-lived is a good practice but doesn't change the facts.

I'm with you brother.

Forem Open with the Forem app