Y
Hacker News
new
|
ask
|
show
|
jobs
by
nilsbunger
1255 days ago
I'm pretty sure you should also use CSRF protection in POST requests when you do cookie-based sessions.