Y
Hacker News
new
|
ask
|
show
|
jobs
by
remram
1848 days ago
In this context, this would just prevent everybody from logging in. The JWT would correctly get rejected but people would still be getting the wrong token from the CDN over and over.
1 comments
iratewizard
1848 days ago
Which would you rather? The situation you just described or users accidentally spoofing each other's session?
link