You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a consumer calls the current PanDomain.authStatus method, or directly references 'PublicKey', it's possibly exposed to internals of Panda that we might be able to avoid.
The above examples are calling PanDomain.authStatus, which means they express in their own code the assumption that Panda uses a single PublicKey to perform verification. That assumption will be broken by #150 - at that point the consumer code can be updated to cope with that, but maybe even better would be for the consumer code to make no assumption at all- could we just ask Panda "Is this cookie valid?", without having to reference a 'public key' at all...?
The text was updated successfully, but these errors were encountered:
If a consumer calls the current
PanDomain.authStatus
method, or directly references 'PublicKey', it's possibly exposed to internals of Panda that we might be able to avoid.The above examples are calling
PanDomain.authStatus
, which means they express in their own code the assumption that Panda uses a single PublicKey to perform verification. That assumption will be broken by #150 - at that point the consumer code can be updated to cope with that, but maybe even better would be for the consumer code to make no assumption at all- could we just ask Panda "Is this cookie valid?", without having to reference a 'public key' at all...?The text was updated successfully, but these errors were encountered: