Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support authorization for SendToDashboard() #25

Closed
dustin-decker opened this issue Mar 7, 2018 · 1 comment
Closed

Support authorization for SendToDashboard() #25

dustin-decker opened this issue Mar 7, 2018 · 1 comment
Labels
enhancement

Comments

@dustin-decker
Copy link

Without authorization someone could easily flood the public endpoint of the dashboard with noise. I'm not sure what the best way to do this from the client side would be. Ideally some sort of signed assertion of the Chrome identity that you could verify would be optimal, but I'm not sure if that is possible.
Might be worth sending the ID from this API at minimum: https://developer.chrome.com/apps/identity#method-getProfileUserInfo
@jordan-wright
Copy link
Contributor

Hi @dustin-decker,

Sorry for taking so long to get back to this. I'm starting back up development for IsThisLegit and authenticating requests coming into the dashboard is something I'd like to get taken care of.

There's another issue at #32 that we'll work through to get this knocked out, so in the meantime I'll close this one in favor of working through the other issue. Thanks again for raising this issue!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jordan-wright @dustin-decker