Hacker News new | ask | show | jobs
by mattbasta 4772 days ago
There's a CSRF token in the form, but deleting it doesn't seem to cause the search to fail.
1 comments
tekacs 4772 days ago
It's a search form.

It seems quite possible that CSRF checks could have been omitted in not expecting this to be a source of woe. Just goes to show... :P

link