SailNet Community - View Single Post - New search engine for sailboats
View Single Post
Old 10-28-2013
voyageur_131 voyageur_131 is offline
Junior Member
Join Date: Oct 2013
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0
voyageur_131 is on a distinguished road
Re: New search engine for sailboats

@Argalax: There's now close to 60 OAuth providers (including Facebook, Google, LinkedIn, Twitter and other major players) and probably hundreds of thousands websites using OAuth for authentication and authorization. OAuth is the way to go if you're building a web app in 2013. Sure, there might be XSS attacks enabled by OAuth out there (a quick google search only gave me one such theorical attack), but it won't stop me from using my Gmail and Facebook accounts to log in other websites. I don't like having to remember 20 different passwords. I'm not saying "just trust me", I did offer to go over any HTML or JavaScript bits you were concerned about. I think that if you are accusing my website of being malicious, the burden of proof is on your side.

At any rate, since you are interested in using the site and since you are genuinely concerned by possible XSS attacks, I'll happily add my own custom login mechanism tonight. I'll handle password recovery through PM for now since I don't have time to implement a password recovery system.

I'll post an update once I've pushed the change,

Reply With Quote Share with Facebook