SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Guys, how bad is this https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/sessions/token-transfer-method vulnerability for XSS attacks with the `Authorization` header? Could you provide a bit more info on this, or where to read on this/what to do?

hey <@710556005150359665> use cookie based auth instead (which is the the default for webapps)