You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The decrypt routine is used to decrypt the X-Zoom-App-Context header. The decrypted value contains important information for the application, such as the user's ID and action, which the Zoom application will act upon. Unfortunately, the decryption process is insecure, as the Node crypto API does not enforce an expected length of the authentication tag, which allows forging values. Depending on the context, varying levels of user impersonation are possible. See zoom/zoomapps-sample-js#24 for details.
The text was updated successfully, but these errors were encountered:
The decrypt routine is used to decrypt the X-Zoom-App-Context header. The decrypted value contains important information for the application, such as the user's ID and action, which the Zoom application will act upon. Unfortunately, the decryption process is insecure, as the Node crypto API does not enforce an expected length of the authentication tag, which allows forging values. Depending on the context, varying levels of user impersonation are possible. See zoom/zoomapps-sample-js#24 for details.
The text was updated successfully, but these errors were encountered: