Jerry Gamblin · May 30, 2020 · 11:39 PM UTC

Jerry Gamblin

@JGamblin

30 May 2020

Aaron Parecki · May 31, 2020 · 6:06 PM UTC

Aaron Parecki @aaronpk

31 May 2020

This has almost nothing to do with JWTs, or even OpenID Connect for that matter.

Jerry Gamblin · May 31, 2020 · 6:10 PM UTC

Jerry Gamblin

@JGamblin

31 May 2020

Yep, I realized that after I posted and made a clarifying post in the thread, which you should have saw?

Aaron Parecki · May 31, 2020 · 6:11 PM UTC

Aaron Parecki · May 31, 2020 · 6:11 PM UTC

Aaron Parecki @aaronpk

31 May 2020

Replying to @JGamblin

I should have replied to that one. It’s barely a logic bug using JWT. I’m writing up more details in a blog post, will post a link shortly.

May 31, 2020 · 6:11 PM UTC

Jerry Gamblin · May 31, 2020 · 6:11 PM UTC

Jerry Gamblin

@JGamblin

31 May 2020

Replying to @aaronpk

Ok... what would you call it then?

Aaron Parecki · May 31, 2020 · 6:12 PM UTC

Aaron Parecki @aaronpk

31 May 2020

lack of form validation