this post was submitted on 12 Apr 2024
3 points (100.0% liked)

FreeAssembly

75 readers
1 users here now

this is FreeAssembly, a non-toxic design, programming, and art collective. post your share-alike (CC SA, GPL, BSD, or similar) projects here! collaboration is welcome, and mutual education is too.

in brief, this community is the awful.systems answer to Hacker News. read this article for a solid summary of why having a less toxic collaborative community is important from a technical standpoint in addition to a social one.

some posting guidelines apply in addition to the typical awful.systems stuff:

(logo credit, with modifications by @dgerard@awful.systems)

founded 7 months ago
MODERATORS
 

reply with features and bug fixes you'd like to see in Philthy, the lemmy fork that runs on this instance. no guarantees I'll get to any of them soon, but particularly low-hanging fruit and well-liked features can be prioritized.

you are viewing a single comment's thread
view the rest of the comments
[–] bcdavid@hachyderm.io 1 points 4 months ago

@self @mii I think storing session tokens in localStorage is considered unsafe because localStorage is more open to XSS attacks. The bigger concern, though, is using JWT for session management at all, which is widely considered a bad idea. Here's one (of many) articles that go into that topic: https://dzone.com/articles/stop-using-jwts-as-session-tokens