Symmetric encryption and asymmetric encryption
Symmetric encryption uses the same key for encryption and decryption by both parties, posing risks such as key sharing and interception.
JWT stands for JSON Web Token, a standard based on RFC 751 that is used to transmit JSON objects between two entities.
Authentication and Authorization are two concepts in access control, representing the questions: Who are you? What are you allowed to do?
CORS (Cross-Origin Resource Sharing) is a mechanism that determines whether a web page can access resources from other origins.
Regardless, to prevent CSRF, one should never readily trust user requests. I've recently found my knowledge in this area lacking, so I'm catching up.
In summary, never readily trust user input, so as to prevent XSS to the greatest extent possible. Recently, I found my knowledge in this area lacking.