| ▲ | TZubiri 5 months ago | |
It feels like malpractice to use json in encryption | ||
| ▲ | red_admiral 5 months ago | parent [-] | |
Sadly JWT and friends are "standard". In theory the representation and the data are independent and you can marshal and unmarshal correctly. In practice, "alg:none" is a headache and everyone involved should be ashamed. | ||