See title. When logging into wefwef.app, does the dev have access to my account credentials or session tokens? Should we all self host our own?

    • rylin@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      Sounds like the session token and credentials pass through wefwef servers but aren’t stored locally so theoretically they (the dev or wefwef server owner) could capture that info, correct?

      • yoichi@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 years ago

        Looks like that’s how it is till they can figure out the CORS issue. The dev does go on to say you are free to self-host if you feel it is a security issue