yesiscan icon indicating copy to clipboard operation
yesiscan copied to clipboard

Published 20 hours ago verified publisher icon awslabs

Does not persist cookies

Open ajorg-aws opened this issue 1 year ago • 0 comments

since the complexities of handing every different auth system (including undocumented unknown ones) is outside of the scope of this system, we don't try to

There's no complexity that yesiscan would need to know about implied here. Browsers don't need to know any of that complexity either (and they don't, modulo U2F/FIDO because those require hardware). The complexity is hidden behind the fact that the auth system requires and gives cookies. So to support auth, you only need to handle cookies correctly. And indeed yesiscan is handling those cookies, but only in memory.

I think it's acceptable for yesiscan to not be able to persist cookies, but it does have a cost in startup time, bandwidth, and load on services that should be understood and documented, or considered and implemented.

Originally posted by @ajorg-aws in https://github.com/awslabs/yesiscan/pull/42#discussion_r960932594

ajorg-aws avatar Sep 01 '22 17:09 ajorg-aws