Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What makes you think that? CSRF vulnerabilities are possible precisely because cross-domain POST requests can be created without violating the cross-domain policy.


Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: