Y
Hacker News
new
|
ask
|
show
|
jobs
by
johncolanduoni
975 days ago
Don't attach the sensitive URL parameters to the second redirect. The first redirect logs you in via cookie, and then if the second redirect is on the right origin it will have access to your cart.