|
|
|
|
|
|
by mbreese
527 days ago
|
|
|
> passes through a third-party HTTP redirect service The vendor might not be the only party to use an HTTP redirect service too! My email goes through a security screen by $EMPLOYER, which also rewrites links to get processed through their redirect service. Sure, it's for company-approved reasons, but it's still another party that has access to the login token. |
|
|