Hacker News
by amluto 1806 days ago
I’m quite surprised that Sec-Fetch-Dest doesn’t have a “form” type for form submissions, and the spec makes almost no mention of forms. Does this spec finally allow a simple header check to squash CSRF form posts or not?