|
|
|
|
|
|
by quickthrower2
964 days ago
|
|
|
Seems like a good proposal to me. Maybe there are privacy/security holes? Is it sort of like a "rich mans" CSRF token, but you don't need to put it in the form, and it works on all requests GET, POST, ..., and is cryptographically secure etc. |
|
|