Comments (7)
Thalhammer
commented on July 21, 2024
1
@jfinkhaeuser Of course it should be fixed to error out. But since this is not a hard bug I will fix it once I come around to do so and consider it an improvement.
from jwt-cpp.
Thalhammer
commented on July 21, 2024
1
@jfinkhaeuser
I believe it should no behave correctly. You may check over it though.
from jwt-cpp.
Thalhammer
commented on July 21, 2024
Sorry for the late reply.
If I understand correctly, the "bug" is that the library does not protect you against using the wrong input key ?
Or is there also an issue if you use it correctly ?
from jwt-cpp.
jfinkhaeuser
commented on July 21, 2024
The bug is in the invalid padding. The trigger are the mismatching keys.
from jwt-cpp.
Thalhammer
commented on July 21, 2024
Yeah but the bug regarding invalid padding was fixed in the other issue. So this is only about it not complaining about the user doing something wrong?
from jwt-cpp.
jfinkhaeuser
commented on July 21, 2024
The code or the documentation.
I'm not trying to tell you what you should do, mind you. But I also have a quality management background, and my preference is that invalid inputs should not look like they succeed. Currently that's the case.
Personal preference would be to error out and document how to avoid it.
from jwt-cpp.
Thalhammer
commented on July 21, 2024
Behaviour should be fixed by fae2875.
from jwt-cpp.
Related Issues (20)
- undefined reference error in compiling HOT 9
- what secret format should i use for HS512 algorithm HOT 1
- Release status of 0.7.0-rc.0 HOT 3
- Guide to Setting Up jwt-cpp? HOT 4
- Building example: no matching function for call to ‘decode(std::string&)’ HOT 1
- Compilation error: no matching function for call to ‘decode(std::string&)’ HOT 2
- Build Errors For picojson.h? HOT 8
- Getting Error - namespace "jwt" has no member "claims" HOT 6
- Unable to generate token using ed25519 HOT 2
- Use of Builder explicitly
- Need help : How to Implement JWT Operations from Python Using jwt-cpp ? HOT 5
- How to use payload and get the payload data HOT 7
- Boost JSON traits kind of buggy HOT 5
- How to verify a jwt HOT 3
- Invalid input: not within alphabet HOT 6
- Locking in libcrypto in multi threaded app HOT 6
- Linker error for OpenSSL on Windows HOT 5
- Exception is thrown with the exmple private-claims.cpp HOT 10
- Flattened JWS JSON Serialization HOT 7
- unexpected exception(expired) throws in verify JWT token HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt-cpp.