Y
Hacker News
new
|
ask
|
show
|
jobs
by
captn3m0
3190 days ago
This is the right solution. CSRF checks make no sense for an API that is accessed by a non-browser clients.