sails-auth icon indicating copy to clipboard operation
sails-auth copied to clipboard

Published 20 hours ago verified publisher icon trailsjs

Why did you make GET/logout?

Open kulakowka opened this issue 8 years ago • 2 comments

Explain me why did you make logout using GET /logout ?

It's not safe. Anyone malefactor can insert a picture <img src="http://yousite.com/logout" /> and your users will logged out.

It may be better to do POST /logout?

kulakowka avatar Aug 07 '15 13:08 kulakowka

Agreed

Ziao avatar Jan 09 '16 09:01 Ziao

+1

Any update on this one?

frenchbread avatar Feb 27 '17 16:02 frenchbread