|
|
|
|
|
|
by bawolff
374 days ago
|
|
|
> Exactly you can also trigger forms for POST or DELETE etc You cant do a DELETE from a form. You have to use ajax. If cross DELETE needs preflight. To nitpick, CSRF is not the ability to use forms per se, but relying solely on the existence of a cookie to authorize actions with side effects. |
|
|