Comment by MrMid
7 years ago
Actually, I do. This is not a form for user to change his own password, rather a administrators form to change another user's form. And for such actions the administrators identity and privileges are checked. But I understand your reasoning and thank you for pointing it out.
And yeah, I try to use GET only for safe requests, but I should be more careful.
No comments yet
Contribute on Hacker News ↗