Y
Hacker News
new
|
ask
|
show
|
jobs
by
reza_n
2974 days ago
> This would still happen even if there was a token or session associated.
This is exactly the scenario a CSRF token is support to prevent. But I understand your point.