
Update "Use only JSON API"

Open cluk3 opened this issue 8 years ago • 1 comments

As you can read here: http://security.stackexchange.com/questions/10227/csrf-with-json-post, JSON APIs are still vulnerable to CSRF if you are not checking the content type.

cluk3, Jan 25 '16 01:01
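The content-type check this issue refers to, sketched for a plain Node `http` handler. This is an added example, not part of the original thread or the understanding-csrf repository, and the names `checkJsonRequest` and `requireJson` are hypothetical. It assumes the API accepts only `application/json` bodies on state-changing methods.

```javascript
// Added example; all names here are hypothetical, not from the repo.
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// "Application/JSON; charset=utf-8" -> "application/json"
function mediaType(headerValue) {
  if (typeof headerValue !== 'string') return '';
  return headerValue.split(';')[0].trim().toLowerCase();
}

// Decide whether a request may reach a JSON body parser.
// An HTML form can only send application/x-www-form-urlencoded,
// multipart/form-data or text/plain, so requiring application/json on
// state-changing requests rejects form-based cross-site posts.
function checkJsonRequest(method, headers) {
  if (SAFE_METHODS.has(String(method).toUpperCase())) {
    return { ok: true };
  }
  const type = mediaType(headers['content-type']);
  if (type !== 'application/json') {
    return { ok: false, status: 415, reason: `unsupported media type: ${type || '(none)'}` };
  }
  return { ok: true };
}

// Guard for a Node http handler: runs before the body is read or parsed.
function requireJson(handler) {
  return (req, res) => {
    const verdict = checkJsonRequest(req.method, req.headers);
    if (!verdict.ok) {
      res.statusCode = verdict.status;
      res.end(verdict.reason);
      return;
    }
    handler(req, res);
  };
}

// Constructed sample requests (not captured traffic).
const samples = [
  ['POST', { 'content-type': 'application/json; charset=utf-8' }],
  ['POST', { 'content-type': 'text/plain' }], // form with enctype="text/plain"
  ['POST', { 'content-type': 'application/x-www-form-urlencoded' }],
  ['POST', {}], // header missing
  ['GET', {}],
];
for (const [m, h] of samples) {
  console.log(m, h['content-type'] || '(none)', checkJsonRequest(m, h).ok);
}
```

The check depends on browsers sending a CORS preflight for cross-origin `application/json` requests, so a CORS policy that allows untrusted origins removes the protection it provides.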

Not sure why no comments on this PR. But this PR doesn't clear the confusion and is succinctly to the point.

Thanks

igauravsehrawat, Oct 16 '17 06:10