this post was submitted on 12 Dec 2023
242 points (95.8% liked)

Programmer Humor

32371 readers
574 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
[email protected]
[email protected]
242
SPAs were a mistake (lemmy.world)
submitted 10 months ago by [email protected] to c/[email protected]
23 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 24 points 10 months ago

Then again, cookie auth is vulnerable to CSRF. Pick your poison.

Although CSRF protection just adds a minor inconvenience, while there is never a guarantee your code is XSS vulnerability free.