Hacker News new | ask | show | jobs
by ginko 63 days ago
There's lack of security theater and there's:

> All "access control" logic lived in the JavaScript on the client side, meaning the data was literally one curl command away from anyone who looked.

They are not the same thing.
1 comments
chrisjj 63 days ago
You've got to wonder from where did the "AI" parroted that.
link
chrisjj 63 days ago
A Stackoverflow wrong answer?
link