Y
Hacker News
new
|
ask
|
show
|
jobs
by
detaro
1603 days ago
This seems to confuse terminology a bit. The problem described isn't with using tokens (which is good standard practice), but specifically with using signed tokens and relying purely on the information in them.