|
|
|
|
|
|
by dddomodossola
2820 days ago
|
|
|
you are correct it could be theoretically pressed by someone else, but it should be really difficult because of the unpredictability of IDs. It should be simpler to attack flask or django based webinterfaces. doesn't it? |
|
|
https://docs.djangoproject.com/en/stable/ref/csrf/
https://flask-wtf.readthedocs.io/en/stable/csrf.html