See title. When logging into wefwef.app, does the dev have access to my account credentials or session tokens? Should we all self host our own?

  • rylin@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Sounds like the session token and credentials pass through wefwef servers but aren’t stored locally so theoretically they (the dev or wefwef server owner) could capture that info, correct?

    • yoichi@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Looks like that’s how it is till they can figure out the CORS issue. The dev does go on to say you are free to self-host if you feel it is a security issue