cookie authentication security issue
Yogeshkad opened this issue · comments
If i run the application which in this repository.
I created one user in the application
i login in application all works
i open different browser and open application url
and then in that browser if i copy past the old browser cookies
after that refresh
user getting access to application without login by just copying the cookies of other user
That's how cookies work.
If you dont want to use cokie dont use it. Use local storage etc
If you dont want to use cokie dont use it. Use local storage etc
ok do you any reference link or example for asp.net core web app
If you dont want to use cokie dont use it. Use local storage etc
Which would result in the same behavior when copied to a different browser.
This discussion is not related to this library. closing.
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.