Grayson Carroll
If a developer used R.clone to clone an object generated by JSON.parse that was parsed from user input data, it will clobber the prototype for that object, allowing it to...
In addition to being an attractive target for hackers, storing these SSO credentials presents an interesting trust problem from the perspective of more privacy-conscious users. We are just committing to...
Make sure we account for CORS (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS). Ideally, we should handle app-wide configurations in one place so as to simplify the various requests that will be sent to the API...
### SSO Providers I want to go ahead and start fleshing out my thoughts on which SSO providers we should look at, and examining the value they each bring for...
If we allow for multiple, entirely decoupled deployments of the PIS system, we open up the following possibility: Let's say we have an application that is attempting to use the...
If we only rely on SSO-based API integrations, we won't be able to provide very strong guarantees of identity. Unfortunately, most of these APIs do not provide information that they...
Ensure that the Flask application will not crash the Docker container when it encounters a syntax error
Currently, when you save a Python file on the server that causes a syntax error, it crashes the Docker container, and you have to restart it. Ideally, it would continue...
Fraud prevention - How do we prevent fake accounts from accumulating too much identity verification?
In every online-enabled system, fake accounts run rampant. If we're using primarily SSO for verifying a user's individuality, even the strongest SSO account integrations for identity verification (i.e. banks)...
One of the cornerstones of success in this project is to ensure that a given account is verifiable as a unique individual, as bolstered by various third-parties. However, if person...
As the platform grows and scales, we will have a large influence in which applications are able to expose data through our system. Every integration we build/enable could be a...