Next.js and the corrupt middleware: the authorizing artifact

https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware

#HackerNews #Next.js #corrupt #middleware #authorizing #artifact #web #security

A question on #authorizing external apps to use my Mastodon account: when I enter my Mastodon ID in moa.party, I get to the Mastodon authorization screen, but when I then click "Authorize", Moa receives an invalid token error message. This seems not just a Moa issue, as I tried to create a link using http://dlvr.it, and that produces a similar authorization problem. Why might this be, and how can I fix this? Thank you for any help!