Robert Townley

icon indicating a website link https://www.RobertTownley.com icon indicating an email [email protected]

icon company Truebill icon location Washington, DC icon location Washington DC-based web/mobile developer, with an SRE dual class. Python, JS/TS, and Rust are fun.

Results 1 comments of Robert Townley

security: pulling tokens from localStorage is not secure

One example of a threat vector that HTTP-Only cookies solves compared to XSS is an NPM supply chain attack. A malicious dependency could exfiltrate and POST the entire contents of...