Y
Hacker News
new
|
ask
|
show
|
jobs
by
meow
5187 days ago
Yes it wont be able to read it. But that's not what they are after. What they do want is to execute some user action on the server side. So this action would have taken place just by executing the GET/POST request.
1 comments
euroclydon
5187 days ago
Thank you. I just wanted to make sure I understood the basis of why CRSF Tokens work.
link