@sumanthovs.bsky.social
Wannabe hacker
Reposted
There should be a Bluesky equivalent for LinkedIn - LinkedIn is just completely unusable nowadays
November 27, 2024 at 9:14 PM
Reposted
I talk about this on the pod all the time, but CSRF is dead simple. You just need to know the conditions.

I'm not gonna recite them again here, but today a new condition came up:

No Content-Type header -> no CSRF restrictions
Same-site: None
POST
= CSRF

The research:
November 27, 2024 at 4:55 PM
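Added example, not code from the post author or from the linked research: a server-side CSRF guard for state-changing requests, contrasting a naive check that only looks at Content-Type when the header is present (so a POST with no Content-Type sails through, the condition the post describes) with a hardened check that decides on browser-set provenance headers instead. The Request class, origin and header values are constructed stand-ins, and the guard assumes the session cookie is sent cross-site (SameSite=None) so the request itself must be vetted.

```python
from dataclasses import dataclass, field

# Assumed application origin (illustrative value, not from the post).
APP_ORIGIN = "https://app.example"
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}
# Content types a browser will only send cross-site after a CORS preflight.
NON_SIMPLE_TYPES = {"application/json"}


@dataclass
class Request:
    """Constructed stand-in for a web framework's request object."""
    method: str
    headers: dict = field(default_factory=dict)


def _header(req: Request, name: str):
    # Case-insensitive header lookup; returns None when the header is absent.
    return next((v for k, v in req.headers.items() if k.lower() == name.lower()), None)


def naive_is_allowed(req: Request) -> bool:
    """Flawed guard: treats a non-simple Content-Type as proof of a preflight.
    A POST that carries no Content-Type at all has nothing to fail, so it passes."""
    if req.method in SAFE_METHODS:
        return True
    ctype = _header(req, "Content-Type")
    if ctype is None:
        return True  # the gap: no Content-Type header, no CSRF restriction
    return ctype.split(";")[0].strip().lower() in NON_SIMPLE_TYPES


def hardened_is_allowed(req: Request) -> bool:
    """Defensive guard: every state-changing request must show same-origin
    provenance via Sec-Fetch-Site (browser-set, not script-controlled) or Origin.
    Content-Type is never consulted, so a missing header cannot bypass the check."""
    if req.method in SAFE_METHODS:
        return True
    sfs = _header(req, "Sec-Fetch-Site")
    if sfs is not None:
        return sfs in ("same-origin", "none")
    origin = _header(req, "Origin")
    if origin is not None:
        return origin == APP_ORIGIN
    # No provenance header at all: deny. Legitimate non-browser clients would
    # need a separate CSRF token or bearer-token path, which is out of scope here.
    return False
```

Pair the hardened guard with a CSRF token for clients that send neither header; Fetch Metadata alone only covers browsers that emit Sec-Fetch-Site.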