|
|
|
|
|
|
by heme
4292 days ago
|
|
|
Isn't the point of this not to secure some thing, as in "no access", but to sign something and trust it (i.e. a server signs a token and hands it off to another machine/app)? If your point is "nothing is secure in the browser" then that includes the secured content sent down by a secure server no matter the method. |
|
|