Y
Hacker News
new
|
ask
|
show
|
jobs
by
jerf
4406 days ago
POSTs can be forged too, if another vulnerable site permits Javascript on their domain accidentally (among other ways, but that's the big one).
1 comments
qu4z-2
4405 days ago
Isn't that CSRF, though?
link
smsm42
4405 days ago
CSRF is what allows you to post. XSS is what happens after it is posted.
link