Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
T
T
tester_toster2017-07-30 00:43:54
Passwords
tester_toster, 2017-07-30 00:43:54

How bad is it to pass oauth token in _GET or _POST?

I am using laravel passport to generate api tokens for the application.
Frontend: mobile application, web (vue.js).
Redefined request so that if there is a token in post or get, it is added to the header.
What is it for?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Semyon Beloglazov, 2017-07-30
@tester_toster

It is fraught with the fact that especially attentive uncles can take your token and use it for their own purposes. If the application grows, then believe me, you do not want it. So it's better not to do that.

Similar questions
L
likejavascript2013-04-12 08:57:20
How to securely implement a password reset on a website 3Reply
R
Rabo2020-06-16 19:23:12
How to log into a non-started user account without entering and resetting the password? 1Reply
P
Pavel2020-06-19 14:23:25
How to unpack many password-protected archives with different passwords? 1Reply
M
maxiprox2016-02-05 11:15:10
How to disable password entry in Outlook 2013? 2Reply
C
Chvalov2016-02-07 02:05:03
They stole Login Data and other passwords, should I be afraid? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question