readme: clarify usage of the JWT private key #16

paulRbr · 2024-12-11T08:57:50Z

Saying that the client is using the private key isn't really
clear. Indeed the private key is not used by the browsers client, but
the server “client”.

I tried to clarify this by modifying the sentence.

Let me know if you have a better phrasing.

Saying that the client is using the private key isn't really clear. Indeed the private key is not used by the browsers client, but the server “client”. I tried to clarify this by modifying the sentence. Let me know if you have a better phrasing.

hack3rvaillant · 2024-12-11T10:55:47Z

I think that it depends of the use case. If you have a SPA there it could be only on the client side. CORS proxies are really useful for SPAs.

paulRbr · 2024-12-11T15:59:51Z

I think that it depends of the use case. If you have a SPA there it could be only on the client side. CORS proxies are really useful for SPAs.

What I meant is that you wouldn't want a private key to be included in a web client (be it a SPA or not)

paulRbr self-assigned this Dec 11, 2024

paulRbr requested a review from hack3rvaillant December 11, 2024 08:58

hack3rvaillant approved these changes Dec 11, 2024

View reviewed changes

paulRbr merged commit 80c8100 into bump-sh:main Dec 11, 2024
1 check passed

paulRbr deleted the clarify-jwt-private-key-usage branch December 12, 2024 09:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

readme: clarify usage of the JWT private key #16

readme: clarify usage of the JWT private key #16

paulRbr commented Dec 11, 2024

hack3rvaillant commented Dec 11, 2024

paulRbr commented Dec 11, 2024

readme: clarify usage of the JWT private key #16

readme: clarify usage of the JWT private key #16

Conversation

paulRbr commented Dec 11, 2024

hack3rvaillant commented Dec 11, 2024

paulRbr commented Dec 11, 2024