|
|
|
|
|
|
by smsm42
4548 days ago
|
|
|
Well, one thing to do with the tokens might be that if the token were required for the GET request in question, then stealing the content via script tag may be harder. OTOH, putting one-time tokens on every request might be a bit too much for many apps, while(1) hack may be more efficient. |
|
|