What’s threat if WebSocket connection only checks authentication in the `Open` event
(I had checked the similar topics this/this/this/this, but I couldn’t find the exact scenario or example)
Let’s say I have a websocket server (MITM and XSS attacks are not in scope) where inside ‘open’ event, I check if user has authorizat… Continue reading What’s threat if WebSocket connection only checks authentication in the `Open` event