|
|
|
|
|
|
by defen
4195 days ago
|
|
|
The way CSRF works is that I put a form on evil.com that submits to example.com. If there's no CSRF protection, example.com will accept that form submission as if it had actually come from a page on example.com. GET/POST has nothing to do with it. |
|
|