admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2019-01-18 00:39:01 +00:00
parent 34b85b5e9f
commit b28a2d585b
2 changed files with 72 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
devdocs/todo.txt
View File

@@ -29,8 +29,8 @@ SERVER
- Add tests to ensure security of JWT
- https://assets.pentesterlab.com/jwt_security_cheatsheet/jwt_security_cheatsheet.pdf
- https://gist.github.com/ejcx/cbf2e1bb75b02c7d77bc1cfcf84a167e
- Test for expired token
- Wrong key / credentials rejected (ISS?)
- DONE Test for expired token
- . Wrong key / credentials rejected (ISS?)
- Test truncated signature portion (3rd part)
- Test signature transpose bytes
- Test with no or wrong algorithm ensure won't accept