
In this post I'll describe how OWASP Top 10: A3 - Broken Authentication and Session Management applies to JavaScript-based applications. Problems around broken authentication and session management can happen for a number of reasons, but the end result is the same: the attacker is somehow able to log in as another user and get hold of content which the user should not have access to.


[...]
I guess this happens to lots of people because I found a lot of writing about it after searching Google, but I didn't find any solution I could fully use. So I created a version that should work in most cases.
[...]