not implement JWE ? insecure ? | ww.wp.xz.cn

Fabri
(@fabrisancho)

6 years, 10 months ago

this plugin not implement JWE, JSON Web Encryption. The payload is in plain text (base64 only), it’s just another csrf

and there is no hook to solve it externally 🙁

$segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));

The topic ‘not implement JWE ? insecure ?’ is closed to new replies.

0 replies
1 participant
Last reply from: Fabri
Last activity: 6 years, 10 months ago
Status: not resolved