|
|
|
|
|
|
by smashingfiasco
2540 days ago
|
|
|
Implementing CSRF doesn’t stop an outside party from finding out that you have (for example) an AppleTV inside your network. The device will still return a HTTP status code. You could legit spy on end users this way. A real boon for ad tech, too. |
|
|
In general though, this isn't be a problem on proper IPv6 LANs and instead of buggy and cumbersome workarounds being built into browsers we should just switch.