Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

As one commenter noted, employing XSS to steal the token out of localStorage is a risk.


Thats a risk against using any session based authentication token, right?




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: