|
|
|
|
|
|
by plz-remove-card
895 days ago
|
|
|
GET requests are supposed to be safe[0], if you have a unsubscribe link, you click that link, it makes a GET request, then unsubscribes the user, that GET request is no longer safe. How I've seen developers approach this, is the initial GET request loads a form, and requires that the user clicks something once more, to then submit a POST request and confirm the unsubscribe action. [0] https://developer.mozilla.org/en-US/docs/Glossary/Safe/HTTP |
|
|