Comment by rabidsnail 14 years ago Or xhr with custom header, if you don't want to have to keep track of state. 2 comments rabidsnail Reply kijin 14 years ago So that anyone who has JavaScript disabled will be treated like an attacker? No thanks, HN is one of very few sites nowadays that work fine without JavaScript tricks, and I'd much rather PG kept it that way. simonster 14 years ago A custom header is not sufficient (blame Flash): http://lists.webappsec.org/pipermail/websecurity_lists.webap...
kijin 14 years ago So that anyone who has JavaScript disabled will be treated like an attacker? No thanks, HN is one of very few sites nowadays that work fine without JavaScript tricks, and I'd much rather PG kept it that way.
simonster 14 years ago A custom header is not sufficient (blame Flash): http://lists.webappsec.org/pipermail/websecurity_lists.webap...
So that anyone who has JavaScript disabled will be treated like an attacker? No thanks, HN is one of very few sites nowadays that work fine without JavaScript tricks, and I'd much rather PG kept it that way.
A custom header is not sufficient (blame Flash): http://lists.webappsec.org/pipermail/websecurity_lists.webap...