You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Unless I missed it in the source, request's Hawk support sends a valid request header but it does not verify the incoming response. This should at least be documented since developers will be creating a security hole in their client code.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Unless I missed it in the source, request's Hawk support sends a valid request header but it does not verify the incoming response. This should at least be documented since developers will be creating a security hole in their client code.
This is how responses are verified with Hawk:
client.authenticate()
from https://github.com/hueniverse/hawk#usage-exampleThe text was updated successfully, but these errors were encountered: