You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This could result in invalid JWTs being mistakenly accepted, if the caller assumes they can simply try/catch with throwError passed as true and don't also check the return value.
The text was updated successfully, but these errors were encountered:
stephent
changed the title
throwsError does not throw on invalid signaturethrowError does not throw on invalid signature
Jun 9, 2024
The readme states:
But the
verify
method does not throw if the following line returns false, even ifthrowError
is true:cloudflare-worker-jwt/src/index.ts
Line 232 in 8a75c24
This could result in invalid JWTs being mistakenly accepted, if the caller assumes they can simply try/catch with
throwError
passed astrue
and don't also check the return value.The text was updated successfully, but these errors were encountered: