Comment by reza_n
7 years ago
> This would still happen even if there was a token or session associated.
This is exactly the scenario a CSRF token is support to prevent. But I understand your point.
7 years ago
> This would still happen even if there was a token or session associated.
This is exactly the scenario a CSRF token is support to prevent. But I understand your point.
No comments yet
Contribute on Hacker News ↗