Y
Hacker News
new
|
ask
|
show
|
jobs
by
mrmagooey
3287 days ago
Isn't JWT a modern alternative to CSRF tokens?
1 comments
vmasto
3286 days ago
It's not. If you think it is you probably store JWT unsafely instead of in an httpOnly secure cookie.
link
hawkweed
3286 days ago
Why do you think storing JWT in secure cookie is only secure solution?
link