Y
Hacker News
new
|
ask
|
show
|
jobs
by
joking
503 days ago
Thats by design, you can’t trust the client, everything has to be checked server side.
1 comments
Clent
503 days ago
I think you misunderstand what's being described. The server didn't check it, it accepted the modified hidden field. The server should have rejected the request.
link