this post was submitted on 12 Dec 2023
248 points (95.9% liked)

Programmer Humor

32571 readers
130 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] gornius@lemmy.world 25 points 11 months ago

Then again, cookie auth is vulnerable to CSRF. Pick your poison.

Although CSRF protection just adds a minor inconvenience, while there is never a guarantee your code is XSS vulnerability free.