by mikeocool 754 days ago
I wouldn’t hold my breath. As I recall a similar article appeared a few years ago, and the author called out a major SaaS provider as having this issue. The provider ultimately decided not to do anything about it, because it would break too many clients.

If you make a breaking API change like this, some portion of clients are just never going to update. If you’re a usage-based billing SaaS provider, that means lost revenue.

Likely the only way this issue is fixed widely is if it ends up on a security audit checklist.