Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
paulryanrogers
4 months ago
|
parent
|
context
|
favorite
| on:
CSRF protection without tokens or hidden form fiel...
I was thinking more about the unsubscribe footer links still very common in emails.
eli
4 months ago
[–]
I don’t think CSRF has anything to do with those?
paulryanrogers
4 months ago
|
parent
[–]
The endpoints serving those links can't be protected as well. Unless they serve a form that posts, which may not be legal if it requires extra clicks
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
