T
T
tester_toster2017-07-30 00:43:54
Passwords
tester_toster, 2017-07-30 00:43:54

How bad is it to pass oauth token in _GET or _POST?

I am using laravel passport to generate api tokens for the application.
Frontend: mobile application, web (vue.js).
Redefined request so that if there is a token in post or get, it is added to the header.
What is it for?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
S
Semyon Beloglazov, 2017-07-30
@tester_toster

It is fraught with the fact that especially attentive uncles can take your token and use it for their own purposes. If the application grows, then believe me, you do not want it. So it's better not to do that.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question