Comment by Thorrez
4 months ago
>reading CSRF tokens from page contents because it was a subdomain.
Huh? I don't think you can read page contents unless the origin matches exactly (scheme://host:port).
4 months ago
>reading CSRF tokens from page contents because it was a subdomain.
Huh? I don't think you can read page contents unless the origin matches exactly (scheme://host:port).
No comments yet
Contribute on Hacker News ↗