svelte-kit-cookie-session Secure to pass sensitive session data to page?

Secure to pass sensitive session data to page?

Open johnnypea opened this issue 10 months ago • 0 comments

Please, is it safe/secure to pass sensitive session data to page like this?

/** @type {import('@sveltejs/kit').LayoutServerLoad} */
export function load({ locals, request }) {
	return {
		session: locals.session.data
	};
}

Or what is the recommended approach to use a "token" from session in client side requests (fetch) to external API?

Thank you.

Aug 16 '23 10:08 johnnypea