Hacker News new | ask | show | jobs
by apsurd 449 days ago
so having "some protections" like db foreign key scoping that mitigates "well anyone can now bypass auth middleware for any route" makes this…

"not that bad on nextjs part"

no no, this is absolutely nuts.
1 comments
whoknowsidont 449 days ago
Some of you are ready for an argument, you responded to my post yet seemingly missed the very first sentence fragment:

>Not that this isn't a serious attack vector

At no point did I say or imply what you put in quotes.

link