I don’t think CSRF has anything to do with those? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		eli 13 days ago \| parent \| context \| favorite \| on: CSRF protection without tokens or hidden form fiel... I don’t think CSRF has anything to do with those?

paulryanrogers 13 days ago [–]

The endpoints serving those links can't be protected as well. Unless they serve a form that posts, which may not be legal if it requires extra clicks

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact