HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Why does Vanilla use JavaScript for the SSO plugin? (jsConnect)

Something I haven't quite been able to wrap my mind around...
Is there any particular reason why JavaScript was chosen over simply using PHP?
Tagged:
0
Comments
We initiate the SSO handshake using the user's browser session. It's not possible to do that server-to-server.