Skip to content
This repository has been archived by the owner on Jan 1, 2024. It is now read-only.

Malformed JWT not handled #93

Closed
1 of 2 tasks
ghost opened this issue Sep 20, 2017 · 2 comments
Closed
1 of 2 tasks

Malformed JWT not handled #93

ghost opened this issue Sep 20, 2017 · 2 comments

Comments

@ghost
Copy link

ghost commented Sep 20, 2017
edited by ghost
Loading

I'm submitting a ...

  • bug report
  • feature request

Bug Report:

Quite an edge case :) actually not sure how another domains localStorage got into mine, but...
Malformed JWT not handled.

  • What is the expected behavior?

Malformed JWT resetsLocalToken() and takes you to login page.
I used https://github.com/auth0/jwt-decode and a try/catch loop.

  • What is the current behavior?

parseJwt function will error.

  • Steps to reproduce:

    1. Assign an invalid formatted JWT.
@Metnew
Copy link
Owner

Metnew commented Sep 20, 2017

Hi @TheDolo, thank you for the report, I'll investigate this case

@Metnew
Copy link
Owner

Metnew commented Nov 4, 2017

Now server removes token from cookies if JWT is invalid:
https://github.com/Metnew/suicrux/blob/master/src/server/middlewares/auth.js#L34-L36

@Metnew Metnew closed this as completed Nov 4, 2017
@snyk-bot snyk-bot mentioned this issue Sep 23, 2020
Open
@snyk-bot snyk-bot mentioned this issue Jan 18, 2022
Open
This was referenced Oct 5, 2022
Open
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Metnew