Y
Hacker News
new
|
ask
|
show
|
jobs
by
oneeyedpigeon
4507 days ago
Submitting a form with JS is a whole other level of complexity than just having a link out there in the wild that performs write operations. And using a CSRF defeats that stated intent.