Here's one: The access token is sent in the address bar, so it ... • Aaron Parecki

80°F

alianora https://cybre.space/@nightpool • May 2
@aaronpk but the browser is also the one executing the code that's verifying whether the browser transferred the data correctly? maybe a concrete attack would help me get my head around this better

Here's one: The access token is sent in the address bar, so it becomes part of the browser history. This will be written to disk, and possibly even synced to the browser's "cloud" and then even synced down to other devices.

Mountain View, California • 49°F

Thu, May 2, 2019 10:07am -07:00

1 reply
Have you written a response to this? Let me know the URL:
- alianora cybre.space/@nightpool
  
  @aaronpk sure, but a malicious browser could also save the entire js state to disk in exactly the same way (and some do a limited version of this for caching purposes). so it's hard for me to think of that as a security benefit? this is only more secure if everyone along the line behaves exactly in the way you expect it to
  
  Thu, May 2, 2019 5:26pm +00:00

Posted in /replies using monocle.p3k.io