Y
Hacker News
new
|
ask
|
show
|
jobs
by
swid
106 days ago
There is no real such thing as a read only GET request if we are talking about security issues here. Payloads with secrets can still be exfiltrated, and a server you don’t control can do what it wants when it gets the request.