sails-auth
sails-auth copied to clipboard
Why did you make GET/logout?
Explain me why did you make logout using GET /logout
?
It's not safe. Anyone malefactor can insert a picture <img src="http://yousite.com/logout" />
and your users will logged out.
It may be better to do POST /logout
?
Agreed
+1
Any update on this one?