Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix a security issue: https://github.com/supabase/supabase/pull/22381 #65

Merged
merged 1 commit into from
May 9, 2024

Conversation

scosman
Copy link
Contributor

@scosman scosman commented May 9, 2024

Details:

We're now back up to date with the supabase suggested format here: https://supabase.com/docs/guides/getting-started/tutorials/with-sveltekit

Details:
 - CMSaaSStarted followed the offical SvelteKit Supabase docs here: https://supabase.com/docs/guides/getting-started/tutorials/with-sveltekit
 - Unforunately the server side helper getSession was not validtion the JWT token, which was caught and fixed in the docs here: supabase/supabase#22381
 - There were a few improvements/cleanups since the fix, which we integrated as well, see change history here: https://github.com/supabase/supabase/commits/master/apps/docs/content/guides/getting-started/tutorials/with-sveltekit.mdx

We're now back up to date with the supabase suggested format here: https://supabase.com/docs/guides/getting-started/tutorials/with-sveltekit
@scosman
Copy link
Contributor Author

scosman commented May 9, 2024

Thanks to @activenode for spotting this here: #64

Since it's a security issue I wanted to get this out ASAP so wrote up the PR instead of waiting.

@scosman scosman merged commit 7904d41 into main May 9, 2024
11 checks passed
@scosman scosman deleted the safe_get_session branch May 9, 2024 14:29
@activenode
Copy link

Awesome! 🥳

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants