0

The application base on JWT token as authorization. As my knowledge it should be storage in web storage of my my Firefox.

I've checked cookies, local/session storage and I can't find it there. The authorization token must be somewhere because is attached to my every HTTP request.

I won't fetch it from header, I just wanna be sure if its stored in browser.

is it possible that Firefox hide auth tokens or JWT is client-side generated (yea, it would be security vuln then).

Improve this question
5
  • There are many ways to save access token to browser. which web site URL are you looking for? Commented Aug 3, 2023 at 18:29
  • 1
    Thank you Bench for your answer. The URL and the application is non-public, internal. Could you please expand your thought? Commented Aug 3, 2023 at 22:07
  • or could you share any article? Most of them mentioned only web-storage or JS variables. Commented Aug 4, 2023 at 10:27
  • Not directly match your question but one of related this to save a cookie the access token into local file by curl. Commented Aug 4, 2023 at 11:05
  • Hey Bench, my point isn't save the access token. I want to check where it is stored. If it's client-side generated, then the application is really vulnerable. Commented Aug 7, 2023 at 12:36
Related questions
266
JWT vs cookies for token-based authentication
668
JWT (JSON Web Token) automatic prolongation of expiration
623
How to decode jwt token in javascript without using a library?
Load 6 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.