Y
Hacker News
new
|
ask
|
show
|
jobs
by
pluto_modadic
234 days ago
...the solution to IDORs is to authenticate each user and check authorization per object.
full stop.