You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I believe we should be able to do this since the web UI acquires its own OAuth tokens and does stuff with that. Although I guess if it's compromised via an XSS attack the XSS code could maybe just steal the OAuth tokens? I think this depends on how we scope things out. I may end up filing a followup to audit that.
The text was updated successfully, but these errors were encountered:
I believe we should be able to do this since the web UI acquires its own OAuth tokens and does stuff with that. Although I guess if it's compromised via an XSS attack the XSS code could maybe just steal the OAuth tokens? I think this depends on how we scope things out. I may end up filing a followup to audit that.
The text was updated successfully, but these errors were encountered: